firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 19:03:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ggVfPqQXV4W7OtZlY48RFeUPwFMZ8dXWc3YtJgoH2gBGlK9HfOqrvA==
Age: 2139
acompanhantesembrasil.blogspot.com/2018/01/acompanhante-de-luxo-morena-marilia-sp.html
301 Moved Permanently 220 B URL HTTP/1.1 acompanhantesembrasil.blogspot.com/2018/01/acompanhante-de-luxo-morena-marilia-sp.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 77bfec89b1b2f2a38e83969ec0cda346
eb1e4e8c3a7d074c72a0b833cef6f4797ea6ccdb
af9d70530d0e45968cd479d9e10a893daa4ae7dfaf7581985958eb5a81d93565
GET /2018/01/acompanhante-de-luxo-morena-marilia-sp.html HTTP/1.1
Host: acompanhantesembrasil.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://acompanhantesembrasil.blogspot.com/2018/01/acompanhante-de-luxo-morena-marilia-sp.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 20 Sep 2022 19:38:46 GMT
Expires: Tue, 20 Sep 2022 19:38:46 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 220
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3668
Expires: Tue, 20 Sep 2022 20:39:54 GMT
Date: Tue, 20 Sep 2022 19:38:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jLmWeSQ8OMssyF4B3eqC373HY-0roDqWrztFda19FSUV4_rnj8FMjg==
age: 54213
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6833bdc6f3a1531c260df0eec1b6a07a
3f9431fb6284dcde388b72b034f3225a2b2ded87
2ebf5b4059d407bc62be0be11472c845589a26e438720c59a85c0b68f6f01990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 19:03:22 GMT
Expires: Tue, 20 Sep 2022 19:31:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: poo3Te5y-llhDQ8QG0xxWm_ufJ8BY5exDDYKjrh2reovqQ7wBb92nw==
Age: 2124
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a2b2bc6448d05a22ba8e74af121a64f3
36edd78be776df89ad54191df77f81b6782ac542
ebd6e74a22c3d26d24f368c5ebd3f5f386fd78d720931d826c8b2296cd51805f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2461
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:46 GMT
Last-Modified: Tue, 20 Sep 2022 18:57:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
acompanhantesembrasil.blogspot.com/2018/01/acompanhante-de-luxo-morena-marilia-sp.html
200 OK 50 kB URL HTTP/2 acompanhantesembrasil.blogspot.com/2018/01/acompanhante-de-luxo-morena-marilia-sp.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19396)
Hash 737ff83f48a3af29d765f72f7da20248
d53181107a931c5d3ee2fba1ab9bc9819b55c4b0
1b1c46882e8348b0f00954ebc4689b948496397fac0f24288974645abb1999a1
GET /2018/01/acompanhante-de-luxo-morena-marilia-sp.html HTTP/1.1
Host: acompanhantesembrasil.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 20 Sep 2022 19:38:46 GMT
date: Tue, 20 Sep 2022 19:38:46 GMT
cache-control: private, max-age=0
last-modified: Mon, 19 Sep 2022 22:42:17 GMT
etag: W/"12c0d4d857fb33123b50f9748ca07c73a47196eb68882e69ab390a58cb8aee1c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 49511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/charts/loader.js
200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 18:43:43 GMT
expires: Tue, 20 Sep 2022 19:43:43 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 3304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 60ac43749e73404728feb9e1bea89e82
c1459e8ba98db175e9fb9b2ff681df09d5149b55
c4d3ef447c0f9bae9d328d925f502bf93bd75b882f51eb4dd71daa2a5f3c6c1f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 19:38:47 GMT
expires: Tue, 20 Sep 2022 19:38:47 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.engageya.com/engageya_blogger.js
200 OK 871 B URL HTTP/1.1 widget.engageya.com/engageya_blogger.js
IP
File type ASCII text, with CRLF line terminators
Hash 30d3dbd86edc0c45404efc365e7fbe1a
647fb4573783812fccde8d402de1e7518d037b1e
15f3d0e424bd62bd5ed8763e0b46085cdaa6d02f3d757f862f7f6a0693ef9b59
GET /engageya_blogger.js HTTP/1.1
Host: widget.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 19 Sep 2022 12:53:35 GMT
ETag: W/"6328664f-93a"
Content-Encoding: gzip
Content-Length: 871
Cache-Control: max-age=7200
Expires: Tue, 20 Sep 2022 21:38:47 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
cdn.popcash.net/pop.js
200 OK 39 kB IP
File type ASCII text, with very long lines (65390)
Hash d958b5b616982dd31c2ab57686e99216
118281d5c00344f539d8602dd5b3c313e61f6612
98621673b53c1d2fcddab4bdfd3c5d57741e98b7e506f1ffb8aafe3f8ffe3a59
Analyzer Verdict Alert fortinet Malware
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:47 GMT
content-encoding: br
content-length: 39246
content-type: application/javascript
last-modified: Tue, 05 Jul 2022 13:28:20 GMT
accept-ranges: bytes
etag: W/"62c43c74-1f3e1"
cache-control: max-age=2592000, public
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSBmGyCJioekeB7jMfiL9fNxR%2BRAhVHa2CrRqSUR5tSU6hwGw%2B7sd4vDSSvUqPDhwmpYii7S2Ws8A4EriiKqCxXfi8lNy7gC1PzRPXYFONtAlsLUULK4%2F7ldnVC8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72a483336fb0be3f-CPH
vary: Accept-Encoding
x-hw: 1663702727.cds262.sk1.hn,1663702727.cds218.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bcbc6f8f4e3671a08f8035cae0c0f03d
069851464e4a9b64c87f33fe040d311a0b816773
696ca48ef2fad7be936c188fa2b455e77a7ea1e7c0174a7a8f1a97b01539fcf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 18:36:04 GMT
expires: Mon, 18 Sep 2023 18:36:04 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 18 Sep 2022 02:49:24 GMT
content-type: text/javascript
age: 176563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4e6f219c1ec51aaeea9d19815bc030f8
bfc67818e25e57ea6f4647da8210dc3c186d1d65
eee3c233327600364661efb64d5ef2d3c951c482053856fbb046032d703f75bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3C233327600364661EFB64D5EF2D3C951C482053856FBB046032D703F75BD"
Last-Modified: Sun, 18 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10225
Expires: Tue, 20 Sep 2022 22:29:12 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 24fab477dcb8381a7cf98f1be0398582
ade4b66675deea7656d55c12fc57fb843061cb6b
075d2536e95ade9a3400b67264cae2392d467958cf22342db408eceaec50a805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "075D2536E95ADE9A3400B67264CAE2392D467958CF22342DB408ECEAEC50A805"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2232
Expires: Tue, 20 Sep 2022 20:15:59 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5c3dcfbcaee382a22fb1192042b1d7d5
0420eab4c4baa560b00d5a4d15995e97019ddd19
67ccd008d74fff9adacd737c4f0e1d454f186ddde9e5967c57135b01a637b436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67CCD008D74FFF9ADACD737C4F0E1D454F186DDDE9E5967C57135B01A637B436"
Last-Modified: Mon, 19 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17985
Expires: Wed, 21 Sep 2022 00:38:32 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
www.blogger.com/static/v1/widgets/139732538-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/139732538-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 85f397c389efac9ad63d1798bceeff88
2258e2f2f18d8a6c6bb4d89e3c047c6c83da4f4b
e0d600281770079e5cdb9f4bb66aa3bdce5ee67e21c321c9e325789e96e5db76
GET /static/v1/widgets/139732538-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56922
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 02:05:24 GMT
expires: Tue, 19 Sep 2023 02:05:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 00:49:30 GMT
content-type: text/javascript
age: 149603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 20 Sep 2022 19:38:47 GMT
expires: Tue, 20 Sep 2022 19:38:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/res/2875365893-rockpool_compiled.js
200 OK 47 kB URL HTTP/2 resources.blogblog.com/blogblog/data/res/2875365893-rockpool_compiled.js
IP
File type ASCII text, with very long lines (2618)
Hash 1587136da1c3171410377136dc183094
1fa9d312e13a7b4d83d023208a715f2a30402ee9
3244d8626ee28f7b3da58fed3153a869eb30665e87eb4f2e3bd9c4900f7fa388
GET /blogblog/data/res/2875365893-rockpool_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 03:09:27 GMT
expires: Mon, 26 Sep 2022 03:09:27 GMT
cache-control: public, max-age=604800
last-modified: Mon, 19 Sep 2022 02:51:19 GMT
content-type: text/javascript
age: 145760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ecCsddfaM5+W6e1e3fffKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V3Tff41cZHQdInVSKWAvXTdEq1E=
ocsp.sectigo.com/
200 OK 471 B IP
Hash ab4c7a8219f5e00b6ed2583cfb734106
b10f5285137439ccc5a77f934d4af30f6c9dc81f
f9322308e61d202ca7a16363e37f12b6ec360cab6c135f51078eb693ea091f4b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 08:03:41 GMT
Expires: Sat, 24 Sep 2022 08:03:40 GMT
Etag: "b10f5285137439ccc5a77f934d4af30f6c9dc81f"
Cache-Control: max-age=303292,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd05fc8cadb4ee-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cded94ac1c3c7bc6b1a7343db0bb38a1
c4d86791d371a5839bae58b913061daecd404e04
646698dbbb24e7f0099a525aa1ac2822b7cc03cdddb687fe38829370932a9f78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.asdpoi.com/_affiliate/hubtraffic/saved/10022208/video_page.10022208-2-preview_14989631021366235.js?1498963103
404 Not Found 162 B URL HTTP/1.1 widgets.asdpoi.com/_affiliate/hubtraffic/saved/10022208/video_page.10022208-2-preview_14989631021366235.js?1498963103
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /_affiliate/hubtraffic/saved/10022208/video_page.10022208-2-preview_14989631021366235.js?1498963103 HTTP/1.1
Host: widgets.asdpoi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: text/html
content-length: 162
set-cookie: RNLBSERVERID=ded7336; path=/
cache-control: private
x-request-id: 632A16C6-D812A81E01BBD4DD-11A03C8D
go.onclasrv.com/apu.php?zoneid=1301325
302 Found 138 B URL HTTP/2 go.onclasrv.com/apu.php?zoneid=1301325
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=1301325 HTTP/1.1
Host: go.onclasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: text/html
content-length: 138
location: https://cobalten.com/apu.php?zoneid=1301325
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ce2b33764df6552cbe1260211316423d
868aa9a70a4e5991c83c01708bf68625c6b8b834
18597dd84c8166842e531ca18a25c5849d87cee0f367a86f2ad8bedde80a06a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18597DD84C8166842E531CA18A25C5849D87CEE0F367A86F2AD8BEDDE80A06A6"
Last-Modified: Tue, 20 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17673
Expires: Wed, 21 Sep 2022 00:33:20 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8780116035e4f7f89e14808b09f1bd89
13dd0f0ceb5877bf34f164d19ae0ca682f7d48d6
bb6e7c99f8d6319aaea9d0e6f91dc7894807c07ce66e24dd5de44d2b0b33c408
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 05:57:20 GMT
Expires: Mon, 26 Sep 2022 05:57:19 GMT
Etag: "13dd0f0ceb5877bf34f164d19ae0ca682f7d48d6"
Cache-Control: max-age=468511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd05fcddc4b527-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc7e895b46c74d8b5373f9cf37529966
98a2fa87b22bc3b2bc75129a75948f948595e98b
8a39fe11bfde9356a96c7d95f241810bb0c26d9aade9da2d8e23442241e6bfb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8A39FE11BFDE9356A96C7D95F241810BB0C26D9AADE9DA2D8E23442241E6BFB1"
Last-Modified: Sun, 18 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Wed, 21 Sep 2022 01:38:43 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
d3p2b5qewrnsyv.cloudfront.net/?eqbpd=692872
200 OK 21 kB URL HTTP/2 d3p2b5qewrnsyv.cloudfront.net/?eqbpd=692872
IP
File type ASCII text, with very long lines (1049)
Hash 35af18c7ba16c7e7b54ee7bfcfc0cd86
5fbfc0fc68772dc97d561e00a62eca69805e2b48
ef4f7cd7155f65278055c4cc44010295d507038b7ad17e0ef3247d28d2811e1d
GET /?eqbpd=692872 HTTP/1.1
Host: d3p2b5qewrnsyv.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 21439
date: Tue, 20 Sep 2022 19:38:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zbuzVAtsd2TBAn6Ja7YkpMJQcnJzncOVSObf_p-UB92EMdJaiKBGOA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0f0229f669d06c9dfdea2b4af74d2a7b
7f8f34ad590cbe9b952ab1cb7bb6a2682f606adc
5a2546bf606f3060d2545f9c7f68f9baf0c13f78f787257d476874cb71dc8803
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2546BF606F3060D2545F9C7F68F9BAF0C13F78F787257D476874CB71DC8803"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20180
Expires: Wed, 21 Sep 2022 01:15:07 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 64a0d920f934d7817c709d633c1d2d8e
8cb0985ad05ac26293657d151735946c7fe924a2
ff141188d347e470e739009da6fa3fd38ab43acfdcdc88e8645554d109036924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF141188D347E470E739009DA6FA3FD38AB43ACFDCDC88E8645554D109036924"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6407
Expires: Tue, 20 Sep 2022 21:25:34 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfe5f5dee148675080899ee8f4b0067a
ba793d6c38beb9b45280cd34022b8add6a77c14f
3738ace607e90b747cb520ad32f9af637ea5240b4e7469c0913bf067f9fbc561
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3738ACE607E90B747CB520AD32F9AF637EA5240B4E7469C0913BF067F9FBC561"
Last-Modified: Mon, 19 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Wed, 21 Sep 2022 01:38:41 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
api.reporo.net/mobpopunder.js?id=rz9hMJyxCGL3ZmLl
200 OK 505 B URL HTTP/2 api.reporo.net/mobpopunder.js?id=rz9hMJyxCGL3ZmLl
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (505), with no line terminators
Hash a310cbfc8e831ff77afb68dc88485b0c
4eef89886167daf12bf3d73525cf89c737348550
2027d70b367f89b4975d2d794ab4755905d63072fd555148ce4d39c8d25e9c79
GET /mobpopunder.js?id=rz9hMJyxCGL3ZmLl HTTP/1.1
Host: api.reporo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, private, must-revalidate
content-length: 505
content-type: text/html; charset=utf-8
date: Tue, 20 Sep 2022 19:38:47 GMT
server: Cowboy
set-cookie: sid=d841a552-391b-11ed-8936-a5e2b74d3204; path=/; domain=.reporo.net; expires=Sun, 08 Oct 2090 22:52:54 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
www.onclickclear.com/a/display.php?r=1870091
204 No Content 0 B URL HTTP/2 www.onclickclear.com/a/display.php?r=1870091
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=1870091 HTTP/1.1
Host: www.onclickclear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty
date: Tue, 20 Sep 2022 19:38:47 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cobalten.com/apu.php?zoneid=1301325
403 Forbidden 968 B URL HTTP/2 cobalten.com/apu.php?zoneid=1301325
IP
File type ASCII text, with very long lines (801)
Hash 15b706f424efc3110dc2332374e7c462
dc89d725293fcfae12c101af501caa3f0eb2c8f2
0403dff1dbc7c617d8b34719b4934f76884c01b30203004746e3061067bc49ae
GET /apu.php?zoneid=1301325 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 85bfecaef2d4408987d258ee27a3f0e0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e1ba7704293bb7a050728afb29ccbdbf
e98f24a91fd52b87a5b4c00ef167da142e6e81b3
c4506bcb06e71107a5d925be5537c4d0294b1422afc410565f7474a83ae6da89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e1ba7704293bb7a050728afb29ccbdbf
e98f24a91fd52b87a5b4c00ef167da142e6e81b3
c4506bcb06e71107a5d925be5537c4d0294b1422afc410565f7474a83ae6da89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e1ba7704293bb7a050728afb29ccbdbf
e98f24a91fd52b87a5b4c00ef167da142e6e81b3
c4506bcb06e71107a5d925be5537c4d0294b1422afc410565f7474a83ae6da89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e1ba7704293bb7a050728afb29ccbdbf
e98f24a91fd52b87a5b4c00ef167da142e6e81b3
c4506bcb06e71107a5d925be5537c4d0294b1422afc410565f7474a83ae6da89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2TBgbTFjV8izdIUUAktV1FEuUzRjPBAUYXJg46yWgJyC8SQ7tu7iNM53ge_XzgiKcGhPTcSoTcwhok-s66T8K0EHvRnjXasw=s0-d
200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2TBgbTFjV8izdIUUAktV1FEuUzRjPBAUYXJg46yWgJyC8SQ7tu7iNM53ge_XzgiKcGhPTcSoTcwhok-s66T8K0EHvRnjXasw=s0-d
IP
File type PNG image data, 235 x 177, 8-bit/color RGB, non-interlaced\012- data
Hash c8096d8aa5ea03112042d2030655c001
187c9b5cf71754a91687ff1f88481648ec177a92
53ebbf7da28d2cd44a0bbd7d3ab22ac6a48a9b41032881a61fc3a2decfa20b01
GET /blogger_img_proxy/ANbyha2TBgbTFjV8izdIUUAktV1FEuUzRjPBAUYXJg46yWgJyC8SQ7tu7iNM53ge_XzgiKcGhPTcSoTcwhok-s66T8K0EHvRnjXasw=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 21 Sep 2022 19:38:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 20 Sep 2022 19:38:47 GMT
server: fife
content-length: 4087
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash b93eca43df69008441568b1d2dd97731
1a3931168635792eae22c9d19f31f63f0dd229e6
db0e81516c4e5a5341f3f2cd4ea6c348ea94c3bfff5e16407da280843a3b2fa9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DB0E81516C4E5A5341F3F2CD4EA6C348EA94C3BFFF5E16407DA280843A3B2FA9"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21491
Expires: Wed, 21 Sep 2022 01:36:58 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
www.imglnka.com/4093/003808D_FILF_18_ALL_EN_121_L.jpg
200 OK 138 kB URL HTTP/1.1 www.imglnka.com/4093/003808D_FILF_18_ALL_EN_121_L.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:06:08 14:03:32], baseline, precision 8, 160x600, components 3\012- data
Size 138 kB (137843 bytes)
Hash 2f44bf497c5bf74bb732d48fec3b9509
4d7d4ee539ece407a897206a2bfee6984874cb69
7a0b9736da4b38d3ab19f9226f7d4315435489f97b401d92f5d72a1fe0f82dbc
GET /4093/003808D_FILF_18_ALL_EN_121_L.jpg HTTP/1.1
Host: www.imglnka.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: Keep-Alive
ETag: "1496951441"
Cache-Control: max-age=71585
Content-Length: 137843
Content-Type: image/jpeg
Last-Modified: Thu, 08 Jun 2017 19:50:41 GMT
Accept-Ranges: bytes
X-HW: 1663702727.dop219.sk1.t,1663702727.cds263.sk1.shn,1663702727.dop219.sk1.t,1663702727.cds020.sk1.c
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3jxJYbJxZSNvrECD16zuW1Ij4ICqAATz1i_8jmja_5Yhxj2pfu6mlndM-Sw42qEc4ICQF1UdOPRa1gl1xOR4_q1_2g-4_Wo1ZS_mVTJrhO4WqShdX18Qbu6ss8dIo=s0-d
200 OK 450 B URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3jxJYbJxZSNvrECD16zuW1Ij4ICqAATz1i_8jmja_5Yhxj2pfu6mlndM-Sw42qEc4ICQF1UdOPRa1gl1xOR4_q1_2g-4_Wo1ZS_mVTJrhO4WqShdX18Qbu6ss8dIo=s0-d
IP
File type GIF image data, version 89a, 51 x 20\012- data
Hash 9675a3765512a8bd3cfe75d02132027a
9bd24412e505c1f7fd923a458d3ecaf0c3c2b875
692b78bf0d66cf6ceb561591b6d07056eec6d6970567977acd2d344102ef17e7
GET /blogger_img_proxy/ANbyha3jxJYbJxZSNvrECD16zuW1Ij4ICqAATz1i_8jmja_5Yhxj2pfu6mlndM-Sw42qEc4ICQF1UdOPRa1gl1xOR4_q1_2g-4_Wo1ZS_mVTJrhO4WqShdX18Qbu6ss8dIo=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 21 Sep 2022 19:38:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.gif"
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 20 Sep 2022 19:38:47 GMT
server: fife
content-length: 450
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1wv9vNo_qE3ySW3881cvN-u1kGv1Ad3B4U0s3gmGsNU_XSBbOKGUCGcXHgD03PFWLB3kueW1Zjgq-YkHvAncuF3EeNgkmenyEfLIRn4OHQ-ytA04VFtcbxC7F30w=s0-d
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1wv9vNo_qE3ySW3881cvN-u1kGv1Ad3B4U0s3gmGsNU_XSBbOKGUCGcXHgD03PFWLB3kueW1Zjgq-YkHvAncuF3EeNgkmenyEfLIRn4OHQ-ytA04VFtcbxC7F30w=s0-d
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 12038e4db1d41cf736d0a222179896e2
f5dd1eadf3658bb1894664316e747e7f05ec3ae0
6f1c68ae5292b7fdb568515eb1ed806cca2dc1af27c78319cfd0d3b4e741e810
GET /blogger_img_proxy/ANbyha1wv9vNo_qE3ySW3881cvN-u1kGv1Ad3B4U0s3gmGsNU_XSBbOKGUCGcXHgD03PFWLB3kueW1Zjgq-YkHvAncuF3EeNgkmenyEfLIRn4OHQ-ytA04VFtcbxC7F30w=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Sep 2022 19:38:47 GMT
server: fife
content-length: 1714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash b93eca43df69008441568b1d2dd97731
1a3931168635792eae22c9d19f31f63f0dd229e6
db0e81516c4e5a5341f3f2cd4ea6c348ea94c3bfff5e16407da280843a3b2fa9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DB0E81516C4E5A5341F3F2CD4EA6C348EA94C3BFFF5E16407DA280843A3B2FA9"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21491
Expires: Wed, 21 Sep 2022 01:36:58 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19228, version 1.0\012- data
Hash 4de1acb111366ff5358a27c36bfff049
3e746862c43c9bf6080efa2e67985c6017013db1
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
GET /s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 19:36:50 GMT
expires: Tue, 19 Sep 2023 19:36:50 GMT
cache-control: public, max-age=31536000
age: 86517
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
buleor.com/pup.php?section=General&pt=2&pub=619576&ga=a
200 OK 49 kB URL HTTP/2 buleor.com/pup.php?section=General&pt=2&pub=619576&ga=a
IP
ASN #201702 skHosting.eu s.r.o.
Hash 6ef49176af04abdfa53df725f9425b28
d31906bd516fb6ae718f724d980b78f692c07479
adba26822c7fb5243c5aa05f8b8abfcdc87573f880919e3f4863670eff04b34c
GET /pup.php?section=General&pt=2&pub=619576&ga=a HTTP/1.1
Host: buleor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 19:38:47 GMT
last-modified: Tue, 20 Sep 2022 19:38:47 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e1ba7704293bb7a050728afb29ccbdbf
e98f24a91fd52b87a5b4c00ef167da142e6e81b3
c4506bcb06e71107a5d925be5537c4d0294b1422afc410565f7474a83ae6da89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 40066
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash b93eca43df69008441568b1d2dd97731
1a3931168635792eae22c9d19f31f63f0dd229e6
db0e81516c4e5a5341f3f2cd4ea6c348ea94c3bfff5e16407da280843a3b2fa9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DB0E81516C4E5A5341F3F2CD4EA6C348EA94C3BFFF5E16407DA280843A3B2FA9"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21491
Expires: Wed, 21 Sep 2022 01:36:58 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6daff874e31b861ccd25b18e4ef4ed93
dd629e57d9f5c8755f7b3ef62bfc2621cb29a850
0d652b4156531a41b1ec913c569a971177ba340f5206a194415b6c820510c892
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D652B4156531A41B1EC913C569A971177BA340F5206A194415B6C820510C892"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2539
Expires: Tue, 20 Sep 2022 20:21:06 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
kuleqasfors.one/aVE0cTFGblcCDDo9dUBnBDUAK3A7J2EfQQMQcytmDGN5P2g/BBIFWA1sAkgDUWYGV0EANQlJFxolVQVEGmwFV1gHN1tMFx9sBF8AR2ADXwBPJAlAFx0hVRYMWHdEBUUFbAVHB1pmBEMGW2YHRwk
204 No Content 0 B URL HTTP/2 kuleqasfors.one/aVE0cTFGblcCDDo9dUBnBDUAK3A7J2EfQQMQcytmDGN5P2g/BBIFWA1sAkgDUWYGV0EANQlJFxolVQVEGmwFV1gHN1tMFx9sBF8AR2ADXwBPJAlAFx0hVRYMWHdEBUUFbAVHB1pmBEMGW2YHRwk
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aVE0cTFGblcCDDo9dUBnBDUAK3A7J2EfQQMQcytmDGN5P2g/BBIFWA1sAkgDUWYGV0EANQlJFxolVQVEGmwFV1gHN1tMFx9sBF8AR2ADXwBPJAlAFx0hVRYMWHdEBUUFbAVHB1pmBEMGW2YHRwk HTTP/1.1
Host: kuleqasfors.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 19:38:47 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5Sapl8aDpLV0HZUd5WJU2AC1e1j%2Fa4A23TWuB7f2ZR73R3%2F%2FXKYgFxUFuom6ZbNQ7eM40Jgz64JzxjzyVUnNgGr3qYx%2FuXGz7FlgTpqNSfSwfQBZjGLzQ%2F1ZqjAEM9S5mw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd05fedfc11bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d63a3au5lqmtu.cloudfront.net/?luaad=776927
200 OK 51 kB URL HTTP/2 d63a3au5lqmtu.cloudfront.net/?luaad=776927
IP
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash eea33d1d2ccf21543cdba1798cf6a44b
72495e823a148efefd4c56a61487e84d06089fc1
3bc5b89a21f97d377107da57cdd855ecc5b1ac9b8efea58f5942291492f8c89f
GET /?luaad=776927 HTTP/1.1
Host: d63a3au5lqmtu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 50599
date: Tue, 20 Sep 2022 19:38:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cOAqbemKjHm6qhcFYaDOXqouzHPHUVxzqHkG35zRX_EXihW2IXBNVQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 25d871b85fca760d1942210da16ddec5
af9ed458f6539661fae410a4670310f9aa6ee771
e2750afc23761c1701758b6c6b1a3f5dcc60b8f4196ce63b3f0c4801c9344062
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2750AFC23761C1701758B6C6B1A3F5DCC60B8F4196CE63B3F0C4801C9344062"
Last-Modified: Tue, 20 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5687
Expires: Tue, 20 Sep 2022 21:13:34 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8780116035e4f7f89e14808b09f1bd89
13dd0f0ceb5877bf34f164d19ae0ca682f7d48d6
bb6e7c99f8d6319aaea9d0e6f91dc7894807c07ce66e24dd5de44d2b0b33c408
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 05:57:20 GMT
Expires: Mon, 26 Sep 2022 05:57:19 GMT
Etag: "13dd0f0ceb5877bf34f164d19ae0ca682f7d48d6"
Cache-Control: max-age=468511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd05fec80fb4ee-OSL
widget.engageya.com/engageya_loader.js
200 OK 28 kB URL HTTP/1.1 widget.engageya.com/engageya_loader.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 74521eb66e5494a817e5181a3c49d88d
06e2261572f02402ed98a499a71f2036edace041
2f878b83e724421ef3d9f394eea5aa54b342b5953dce919862a96009c10f3bf4
GET /engageya_loader.js HTTP/1.1
Host: widget.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 19 Sep 2022 12:53:35 GMT
ETag: W/"6328664f-1aff8"
Content-Encoding: gzip
Content-Length: 28209
Cache-Control: max-age=7200
Expires: Tue, 20 Sep 2022 21:38:47 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c188d12765e59977002a334ff98b0a1d
5877ffd2a18ee0769e262fc9671c242307a654a6
262ef072d3c7b2530c2b4b3c4b317e98fb7eff5eac95c51d2337bd5d6610ea65
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "262EF072D3C7B2530C2B4B3C4B317E98FB7EFF5EAC95C51D2337BD5D6610EA65"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21365
Expires: Wed, 21 Sep 2022 01:34:52 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
go.oclasrv.com/apu.php?zoneid=1301325
403 Forbidden 968 B URL HTTP/2 go.oclasrv.com/apu.php?zoneid=1301325
IP
File type ASCII text, with very long lines (801)
Hash 15b706f424efc3110dc2332374e7c462
dc89d725293fcfae12c101af501caa3f0eb2c8f2
0403dff1dbc7c617d8b34719b4934f76884c01b30203004746e3061067bc49ae
GET /apu.php?zoneid=1301325 HTTP/1.1
Host: go.oclasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 4bc837391012ae72d13cbb757b757c39
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 282 B IP
Hash 9770bea69494841a92779f355002f5df
b4cd690b43e686570bb603ca19a58d9e9ccb56c2
7d93aea09945dd713765c597acc21748b5a7f8c99cc782f9ccbaac3973482f16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 09:53:47 GMT
Expires: Tue, 27 Sep 2022 09:53:46 GMT
Etag: "b4cd690b43e686570bb603ca19a58d9e9ccb56c2"
Cache-Control: max-age=569098,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd05ff494cb527-OSL
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1p-7mYJH-3i95KpP4NTtgd8p8zhUy0h8cHweEWu0zpUSwgdG1z1YSGtErtApcObMw6Kr34TY1CDTp8NogDQxL350pp4iaZk_Pnnsu1dymz983BnQxX3-mQjEQP8HfPZ93N6QKW8JQ3x8Ue1x4epM4JkzxEyAsFBdINird22XZDqxsU3wwg2pz1P45zhc0I4nT4dKbB3IaaVn8m3PivnDDFaPaRTPIlN55GDl1Z_blqVO7XHAXG=s0-d
200 OK 11 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1p-7mYJH-3i95KpP4NTtgd8p8zhUy0h8cHweEWu0zpUSwgdG1z1YSGtErtApcObMw6Kr34TY1CDTp8NogDQxL350pp4iaZk_Pnnsu1dymz983BnQxX3-mQjEQP8HfPZ93N6QKW8JQ3x8Ue1x4epM4JkzxEyAsFBdINird22XZDqxsU3wwg2pz1P45zhc0I4nT4dKbB3IaaVn8m3PivnDDFaPaRTPIlN55GDl1Z_blqVO7XHAXG=s0-d
IP
File type PNG image data, 162 x 137, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e3efa95129a91125e585948f63e5719
fa801efff85e7830ed5c73ed043f7134208a32f5
868058f30bfee56d7cccfcd9406d8aba4bc7f3d8bf39cf194f3858fd33eea40d
GET /blogger_img_proxy/ANbyha1p-7mYJH-3i95KpP4NTtgd8p8zhUy0h8cHweEWu0zpUSwgdG1z1YSGtErtApcObMw6Kr34TY1CDTp8NogDQxL350pp4iaZk_Pnnsu1dymz983BnQxX3-mQjEQP8HfPZ93N6QKW8JQ3x8Ue1x4epM4JkzxEyAsFBdINird22XZDqxsU3wwg2pz1P45zhc0I4nT4dKbB3IaaVn8m3PivnDDFaPaRTPIlN55GDl1Z_blqVO7XHAXG=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Tue, 20 Sep 2022 19:38:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: attachment;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 11418
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqg.ttf
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqg.ttf
IP
File type TrueType Font data, 16 tables, 1st "GDEF", 12 names, Microsoft, language 0x409, Copyright 2011 The Lora Project Authors (https://github.com/cyrealtype/Lora-Cyrillic), with Rese\012- data
Hash 63b1c79b52b84bcaab0ea6865d4520ac
1049e4941fe29db9792bdfa72fb566bbf86c490f
05bd40d47507be81e9aa8733a3378467eaccd696a3095ff48b497c5a0eed0386
GET /s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkqg.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 12:11:58 GMT
expires: Wed, 20 Sep 2023 12:11:58 GMT
cache-control: public, max-age=31536000
age: 26809
last-modified: Mon, 15 Aug 2022 18:05:07 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6a2fa200c9eb762f58001b0cde0c6ad7
74c3d5d38528822ad3772404452c7fc2b9733e75
57882888389941e6abb474b985bac78f0b44b7e8e5ef7a155a137edc6a9ca117
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 19:38:47 GMT
Last-Modified: Tue, 20 Sep 2022 17:59:43 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vb9x8nJtknnd7-auJ87G2jDoy4u9vikjzTEaS3e-St5fu1Dfi_u6pQ==
Age: 5944
go.onclasrv.com/apu.php?zoneid=1301325
302 Found 138 B URL HTTP/2 go.onclasrv.com/apu.php?zoneid=1301325
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=1301325 HTTP/1.1
Host: go.onclasrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: text/html
content-length: 138
location: https://cobalten.com/apu.php?zoneid=1301325
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
lewoverthecit.xyz/ejU5Z0kbV1oKdhsIW0E8CFkEQns8EAshLUwGWFQoDwBVFiQOQBcEJRVAXQE7FVtNSScfQRxVDx57fl5/HgV3Pwg4ZGsBDDtycQw5THdVEwIuW1o0CyteYCscKGZyDRwtcW1XJjBxdzYNHXhsIyVDf30AeRR2b14qPUxzBgo/UWstJRV4a1cTFmNoFBApW1o0DhJBcislCWN8HzoMY2wXADdtYAYRSwx/BDENbWpXExd3QFYvKG13PgsSZHooMTxRagBwTXRTJQQrB2AvBSwMfwR5I29hVxg5cW8LHCgHVjURL1poLSUZcH8xAwJWVVYCKFt0IhERGEkgEx1vXy8LTk1sNiIscQs+DjFgdyUrK2dzI3kKTB8NOhVbSVoZOGAANRspRV0GMBl4Ug
200 OK 1.2 kB URL HTTP/2 lewoverthecit.xyz/ejU5Z0kbV1oKdhsIW0E8CFkEQns8EAshLUwGWFQoDwBVFiQOQBcEJRVAXQE7FVtNSScfQRxVDx57fl5/HgV3Pwg4ZGsBDDtycQw5THdVEwIuW1o0CyteYCscKGZyDRwtcW1XJjBxdzYNHXhsIyVDf30AeRR2b14qPUxzBgo/UWstJRV4a1cTFmNoFBApW1o0DhJBcislCWN8HzoMY2wXADdtYAYRSwx/BDENbWpXExd3QFYvKG13PgsSZHooMTxRagBwTXRTJQQrB2AvBSwMfwR5I29hVxg5cW8LHCgHVjURL1poLSUZcH8xAwJWVVYCKFt0IhERGEkgEx1vXy8LTk1sNiIscQs+DjFgdyUrK2dzI3kKTB8NOhVbSVoZOGAANRspRV0GMBl4Ug
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3000), with no line terminators
Hash d568bef12e40f39b511017c926149843
5f9ca690ba10b2c1ec6979f80f5a68658bfa6cfc
ba538472a52020fe2540e909df4b3d19fa0b7801c17a4f482a618edfbd9439fb
GET /ejU5Z0kbV1oKdhsIW0E8CFkEQns8EAshLUwGWFQoDwBVFiQOQBcEJRVAXQE7FVtNSScfQRxVDx57fl5/HgV3Pwg4ZGsBDDtycQw5THdVEwIuW1o0CyteYCscKGZyDRwtcW1XJjBxdzYNHXhsIyVDf30AeRR2b14qPUxzBgo/UWstJRV4a1cTFmNoFBApW1o0DhJBcislCWN8HzoMY2wXADdtYAYRSwx/BDENbWpXExd3QFYvKG13PgsSZHooMTxRagBwTXRTJQQrB2AvBSwMfwR5I29hVxg5cW8LHCgHVjURL1poLSUZcH8xAwJWVVYCKFt0IhERGEkgEx1vXy8LTk1sNiIscQs+DjFgdyUrK2dzI3kKTB8NOhVbSVoZOGAANRspRV0GMBl4Ug HTTP/1.1
Host: lewoverthecit.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: text/html
content-length: 1159
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JW4cAA0nOZV38txwf0TLZTFeT2OEMVG9ykz2KQN4IsivusjjVP8QQd5gi0lN1POLbaq0iGGdFE1t71ijq9yy5%2FMktBI%2BmG1SJ6Ib%2BkEZ59TYBrPMKLStveYCk5MkcmQ3jl8fBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd06007909b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c188d12765e59977002a334ff98b0a1d
5877ffd2a18ee0769e262fc9671c242307a654a6
262ef072d3c7b2530c2b4b3c4b317e98fb7eff5eac95c51d2337bd5d6610ea65
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "262EF072D3C7B2530C2B4B3C4B317E98FB7EFF5EAC95C51D2337BD5D6610EA65"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21365
Expires: Wed, 21 Sep 2022 01:34:52 GMT
Date: Tue, 20 Sep 2022 19:38:47 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 15:43:54 GMT
expires: Sat, 16 Sep 2023 15:43:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 359693
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ihavelearnat.xyz/V0czckw2JVAfczZ6UVQ5JSsOV34RYgE0KGF0UkEtInJfAyEjMh0RIDgyVxQ+OClHXCIyMxZACi0JZCg1BSxLJQ8FMFQRfBIXdRw4YAZfMAAzD0AmCBYCQzsnASVyKngmBnBCJwcpAiAIZhZKPCARJWIfDTARchUaMnVDIw8VAQQUHhoPdRseLwZmMwsZLn0XGy9/QTsKZwh0Nh06FkRLGRo+AzsPL3cLOBo8DHZAAnJ1cRF9GSRXHycfEV8daWUFVSMeExZiIDwVdmoXAC4NcjogM3dVN30yFXEeehYSfTAOECx7JCsWMFIjFTkUADAlFRIKKigfP2AzNHoCRzs0FRJ9Oh5vBXUoDzN0RDcdZwUBOSAgEnULDT0TZjwNFg9mNh8SDVQ9HT8fFRg/OClDTz9vIQY5Gi92Vxs
200 OK 1.2 kB URL HTTP/2 ihavelearnat.xyz/V0czckw2JVAfczZ6UVQ5JSsOV34RYgE0KGF0UkEtInJfAyEjMh0RIDgyVxQ+OClHXCIyMxZACi0JZCg1BSxLJQ8FMFQRfBIXdRw4YAZfMAAzD0AmCBYCQzsnASVyKngmBnBCJwcpAiAIZhZKPCARJWIfDTARchUaMnVDIw8VAQQUHhoPdRseLwZmMwsZLn0XGy9/QTsKZwh0Nh06FkRLGRo+AzsPL3cLOBo8DHZAAnJ1cRF9GSRXHycfEV8daWUFVSMeExZiIDwVdmoXAC4NcjogM3dVN30yFXEeehYSfTAOECx7JCsWMFIjFTkUADAlFRIKKigfP2AzNHoCRzs0FRJ9Oh5vBXUoDzN0RDcdZwUBOSAgEnULDT0TZjwNFg9mNh8SDVQ9HT8fFRg/OClDTz9vIQY5Gi92Vxs
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012), with no line terminators
Hash 7cd2e5833e9b1262e0878d51f9b5c397
a92f58d85c2706eecaabac7842c70e6fbc2fc9b9
14ac2fa7f1d7f9d82ddbad6e6b914e82a6231f05e9aef169b7d053cf48477cdf
GET /V0czckw2JVAfczZ6UVQ5JSsOV34RYgE0KGF0UkEtInJfAyEjMh0RIDgyVxQ+OClHXCIyMxZACi0JZCg1BSxLJQ8FMFQRfBIXdRw4YAZfMAAzD0AmCBYCQzsnASVyKngmBnBCJwcpAiAIZhZKPCARJWIfDTARchUaMnVDIw8VAQQUHhoPdRseLwZmMwsZLn0XGy9/QTsKZwh0Nh06FkRLGRo+AzsPL3cLOBo8DHZAAnJ1cRF9GSRXHycfEV8daWUFVSMeExZiIDwVdmoXAC4NcjogM3dVN30yFXEeehYSfTAOECx7JCsWMFIjFTkUADAlFRIKKigfP2AzNHoCRzs0FRJ9Oh5vBXUoDzN0RDcdZwUBOSAgEnULDT0TZjwNFg9mNh8SDVQ9HT8fFRg/OClDTz9vIQY5Gi92Vxs HTTP/1.1
Host: ihavelearnat.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1167
date: Tue, 20 Sep 2022 19:38:47 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aOCXhSh92ufQF_BIfS-IF-utOh0e4VgWBDistKyHsCdo3RNfna9x5A==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 9aeb5bd9e1cbe4266c0454003b9af431
5f5fd069c5da0b300b956906052070b0481633f3
3de51afd1d72b0c18806f80cd7f832e690983b26f94963e9158d018b1e40a95c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 16:00:46 GMT
ETag: "5f5fd069c5da0b300b956906052070b0481633f3"
Last-Modified: Tue, 20 Sep 2022 16:00:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd0601aa3fb505-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cobalten.com/apu.php?zoneid=1301325
403 Forbidden 968 B URL HTTP/2 cobalten.com/apu.php?zoneid=1301325
IP
File type ASCII text, with very long lines (801)
Hash 15b706f424efc3110dc2332374e7c462
dc89d725293fcfae12c101af501caa3f0eb2c8f2
0403dff1dbc7c617d8b34719b4934f76884c01b30203004746e3061067bc49ae
GET /apu.php?zoneid=1301325 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Tue, 20 Sep 2022 19:38:48 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 6f30ac35c6e2ba99064cd1264db203ee
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 20 Sep 2022 19:38:48 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+730; expires=Thu, 19-Sep-2024 19:38:48 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Sep 2022 19:38:48 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2977
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 20 Sep 2022 19:38:48 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+607; expires=Thu, 19-Sep-2024 19:38:48 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Sep 2022 19:38:48 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.asdpoi.com/_affiliate/hubtraffic/saved/10022208/video_page.10022208-2-preview_14989631021366235.js?1498963103
404 Not Found 162 B URL HTTP/1.1 widgets.asdpoi.com/_affiliate/hubtraffic/saved/10022208/video_page.10022208-2-preview_14989631021366235.js?1498963103
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /_affiliate/hubtraffic/saved/10022208/video_page.10022208-2-preview_14989631021366235.js?1498963103 HTTP/1.1
Host: widgets.asdpoi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
server: nginx
date: Tue, 20 Sep 2022 19:38:48 GMT
content-type: text/html
content-length: 162
set-cookie: RNLBSERVERID=ded7333; path=/
cache-control: private
x-request-id: 632A16C7-D812A81E01BBD4DD-11A04131
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash a885189cd9a522cfaaac98af1a03b512
a4045ce6f8d8e14582bb5245694d73b40da7f0f7
6afe80cbbc72285aa8f73e7d64bdeb755148410a8ec6c0eb13df255548ef17ad
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 19:38:48 GMT
date: Tue, 20 Sep 2022 19:38:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 19:38:48 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 36d076d3dc471059ffc8bcd79a13201b
2a1754624fb536546f0bae0852dafe912eaf7c7a
00481bda4a9ace71d1e40cae3a6aaadee530ad68e9695d73f5f85af7a3e6f97c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 20 Sep 2022 19:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 22:12:40 GMT
Expires: Tue, 20 Sep 2022 22:12:40 GMT
ETag: "2a1754624fb536546f0bae0852dafe912eaf7c7a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
recs.engageya.com/rec-api/getrecs.json?cb=engageya_cb_14378010090887472&pubid=183228&webid=168009&wid=114053&recsnum=15&url=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&cs=UTF-8&subid=&title=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C&kwrds=&sessionid=156c20b6-0923-9592-530e-648db9e6fbf8&rndid=14378010090887472&psid=7d4a7cec-c7c5-d262-3965-c554436a9d22&is_gdpr=0&gdpr_consent=
200 OK 2.3 kB URL HTTP/1.1 recs.engageya.com/rec-api/getrecs.json?cb=engageya_cb_14378010090887472&pubid=183228&webid=168009&wid=114053&recsnum=15&url=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&cs=UTF-8&subid=&title=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C&kwrds=&sessionid=156c20b6-0923-9592-530e-648db9e6fbf8&rndid=14378010090887472&psid=7d4a7cec-c7c5-d262-3965-c554436a9d22&is_gdpr=0&gdpr_consent=
IP
File type ASCII text, with very long lines (4700), with no line terminators
Hash 1e8d8b04a5d1d3fe2d97f13c74da7ce6
a0d3588b9d6dfbd85c504d74bfaf87afdd9df441
b87cef7313faa15fb8d11cc67bd36fbdd0aac992e2b4a37d47f9c0d2c123d64d
GET /rec-api/getrecs.json?cb=engageya_cb_14378010090887472&pubid=183228&webid=168009&wid=114053&recsnum=15&url=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&cs=UTF-8&subid=&title=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C&kwrds=&sessionid=156c20b6-0923-9592-530e-648db9e6fbf8&rndid=14378010090887472&psid=7d4a7cec-c7c5-d262-3965-c554436a9d22&is_gdpr=0&gdpr_consent= HTTP/1.1
Host: recs.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:48 GMT
content-type: application/javascript;charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
set-cookie: gitvps="OJlfZA=="; Version=1; Domain=.engageya.com; Max-Age=31536000; Expires=Wed, 20-Sep-2023 19:38:48 GMT; Path=/; Secure
gituid=046235aa-3c15-442e-beba-41bf89b4c084; Domain=.engageya.com; Expires=Wed, 20-Sep-2023 19:38:48 GMT; Path=/; Secure
engcsc=AACpEwAAAYNcaP4+; Domain=.engageya.com; Expires=Tue, 27-Sep-2022 19:38:48 GMT; Path=/; Secure
pragma: no-cache
cache-control: no-cache, no-store, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en-US
content-encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 211389209dc59f82ba8ea5366c261d71
bfe1ff84baa6c6350f3ceb037d34b6a877577080
d4d162a1eeccec92ad363dd72a62c60f8396fc1e862a31bde2a723cd965c86dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4D162A1EECCEC92AD363DD72A62C60F8396FC1E862A31BDE2A723CD965C86DD"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3783
Expires: Tue, 20 Sep 2022 20:41:51 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
widget.engageya.com/eng_crt_loader_new.js
200 OK 3.5 kB URL HTTP/1.1 widget.engageya.com/eng_crt_loader_new.js
IP
File type ASCII text, with very long lines (323)
Hash 6ef7ab1c4563575b6486c76e23502fc9
eeb57e2bac10ba5ee6d807c6ea145bf70652db68
81928234d9b5fda1175706f64034f240ff9516d1075a882cf23cd93ca19e65c2
GET /eng_crt_loader_new.js HTTP/1.1
Host: widget.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 19 Sep 2022 12:53:35 GMT
ETag: W/"6328664f-3854"
Content-Encoding: gzip
Content-Length: 3526
Cache-Control: max-age=7200
Expires: Tue, 20 Sep 2022 21:38:48 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.stats4u.net/s4u.js
200 OK 11 kB IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30225)
Hash e06efb25e11bcb2196650b245fe36dfd
160029d9d43b5a70eafe735e2634292204312dd8
a34ff73f0edea1622ac683fa2bea7f17c5a958a1270fd13000a008a8c4a943da
GET /s4u.js HTTP/1.1
Host: www.stats4u.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:48 GMT
Server: Apache
Last-Modified: Sun, 04 Mar 2018 13:21:10 GMT
ETag: "7612-56696152dbd80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Content-Length: 10610
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dc420ef38841fb19f5670ada2b7fe992
f28ab3c61d86eb05cc2c35007a6b36ccbaf3dead
56f6e3b0eda24caf080251a048daa4e615038b90887f7f56a198153627edae1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget.engageya.com/img/eng_logo.png
200 OK 383 B URL HTTP/1.1 widget.engageya.com/img/eng_logo.png
IP
File type PNG image data, 41 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dd3668a91d49a2854b86e2fb12b73d90
7740d14e1a9c19f90ab7e5946eb0de03216eaf61
50aa690f3886582dc1442f5b63dc1119468b3f4bbc21a4e5e50d8a04810c3566
GET /img/eng_logo.png HTTP/1.1
Host: widget.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 383
Last-Modified: Mon, 19 Sep 2022 12:53:36 GMT
ETag: "63286650-17f"
Accept-Ranges: bytes
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 19:38:48 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
d63a3au5lqmtu.cloudfront.net/zNWZyRkxWCRwgc0EPFnt7AlBLdHsTDAEpIkVbAX4qAC0kPn1RD1QyNlFbQmAgVAgVe2pQCBF7fRMHFiRxAUAGNiNeWx8rIF0OGDQmQw9UMy0ICx08JVkKE2N+c1NcdmkHVlo+fQRDQQRpB1YeLyJAHld0fE1eRBl6AUNBBGkHVgAwaQYnS3BiBU9XdHxSAx-EtIxBUNHR8BFZCd3wEQ0B2KlwUFyAjTUNAAHUDSEJgOQhX
200 OK 448 B URL HTTP/2 d63a3au5lqmtu.cloudfront.net/zNWZyRkxWCRwgc0EPFnt7AlBLdHsTDAEpIkVbAX4qAC0kPn1RD1QyNlFbQmAgVAgVe2pQCBF7fRMHFiRxAUAGNiNeWx8rIF0OGDQmQw9UMy0ICx08JVkKE2N+c1NcdmkHVlo+fQRDQQRpB1YeLyJAHld0fE1eRBl6AUNBBGkHVgAwaQYnS3BiBU9XdHxSAx-EtIxBUNHR8BFZCd3wEQ0B2KlwUFyAjTUNAAHUDSEJgOQhX
IP
File type ASCII text, with very long lines (586), with no line terminators
Hash bf3f064cb9dfb176cc7dc0cfebd2a70b
d898d9f32fdec8dc97d81dee5959754d1635648c
39d9407d9626c331867e3c43a3b039e1058332cbf0dedadb3234a61e077c4151
Analyzer Verdict Alert fortinet Malware
GET /zNWZyRkxWCRwgc0EPFnt7AlBLdHsTDAEpIkVbAX4qAC0kPn1RD1QyNlFbQmAgVAgVe2pQCBF7fRMHFiRxAUAGNiNeWx8rIF0OGDQmQw9UMy0ICx08JVkKE2N+c1NcdmkHVlo+fQRDQQRpB1YeLyJAHld0fE1eRBl6AUNBBGkHVgAwaQYnS3BiBU9XdHxSAx-EtIxBUNHR8BFZCd3wEQ0B2KlwUFyAjTUNAAHUDSEJgOQhX HTTP/1.1
Host: d63a3au5lqmtu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ihavelearnat.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 448
date: Tue, 20 Sep 2022 19:38:48 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YwRHU-al6OV_Qz3WRGMzEhARJPMG15huNnP500l46Mje3p71lPE-tw==
X-Firefox-Spdy: h2
d63a3au5lqmtu.cloudfront.net/dNG96d0NXABQRfEAGHkp6BltKTncSBQkYLURSKjUWDT0oJDNQDgMUDl9JDg0nCV9cGyJaCEdRJloMR0ZlVQsYSncSGhtKLlsVExsvVUpIMXYaX19FcxwXS0ZmBy1fRXNYBhQCOxFdSg97AjBMQ2YHLV9Fc0YZX0QCDVlUR2oRXUoQJlcEFVJxcl1KRnMEXk-pGZgZfHB4xUQkVD2YGKUNBbQRJD0py
200 OK 190 B URL HTTP/2 d63a3au5lqmtu.cloudfront.net/dNG96d0NXABQRfEAGHkp6BltKTncSBQkYLURSKjUWDT0oJDNQDgMUDl9JDg0nCV9cGyJaCEdRJloMR0ZlVQsYSncSGhtKLlsVExsvVUpIMXYaX19FcxwXS0ZmBy1fRXNYBhQCOxFdSg97AjBMQ2YHLV9Fc0YZX0QCDVlUR2oRXUoQJlcEFVJxcl1KRnMEXk-pGZgZfHB4xUQkVD2YGKUNBbQRJD0py
IP
File type ASCII text, with no line terminators
Hash f7e67954c68eca6c515f6d712e0c0f44
e9753040a76adf6726d3e1651ca0117ec5c02449
8eb059b2042d6f44ef7195c4e5c0fb3cb3def2bb9c836114ca03c823ec1400f2
Analyzer Verdict Alert fortinet Malware
GET /dNG96d0NXABQRfEAGHkp6BltKTncSBQkYLURSKjUWDT0oJDNQDgMUDl9JDg0nCV9cGyJaCEdRJloMR0ZlVQsYSncSGhtKLlsVExsvVUpIMXYaX19FcxwXS0ZmBy1fRXNYBhQCOxFdSg97AjBMQ2YHLV9Fc0YZX0QCDVlUR2oRXUoQJlcEFVJxcl1KRnMEXk-pGZgZfHB4xUQkVD2YGKUNBbQRJD0py HTTP/1.1
Host: d63a3au5lqmtu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lewoverthecit.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Tue, 20 Sep 2022 19:38:48 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AJm5k15SPL1cvtJM8e9OhtURgZV1QQH60D7E5vJgPl6Abn49L7tV9w==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8794539641930605704%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8655023359229600196%26origin%3Dhttps://acompanhantesembrasil.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8794539641930605704%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8655023359229600196%26origin%3Dhttps://acompanhantesembrasil.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
302 Found 497 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8794539641930605704%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8655023359229600196%26origin%3Dhttps://acompanhantesembrasil.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8794539641930605704%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8655023359229600196%26origin%3Dhttps://acompanhantesembrasil.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (545)
Hash 3acb7b8a89f8157371540adfcc188f63
61e778bd1b0b541fafb408f395a625a2c2880b5a
cf86262ecd47a77efcb214b126321249bcb6663a2a5517552f5db8ec7b77e8b8
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8794539641930605704%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8655023359229600196%26origin%3Dhttps://acompanhantesembrasil.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8794539641930605704%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D8655023359229600196%26origin%3Dhttps://acompanhantesembrasil.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 20 Sep 2022 19:38:48 GMT
location: https://www.blogger.com/followers.g?blogID=8794539641930605704&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByNmZmZmZmYiByNmZjczNTcqByMxYTFhMWEyByMwMDAwMDA6ByNmZmZmZmZCByNmZjczNTdKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=8655023359229600196&origin=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-Tmt7w1fWbLuvD2ymocGpRQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 497
server: GSE
set-cookie: __Host-GAPS=1:jjYsT24R5zLmB5i06U1Zr5TJY1MAZg:evKntyY7ZJlS9FAo;Path=/;Expires=Thu, 19-Sep-2024 19:38:48 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
recs.engageya.com/rec-api/widget/log.json?message=MGID%20tracker%20fired:%20https://cm.mgid.com/m?cdsp=363889&adu=https%3A%2F%2Fucs01.engageya.com%2Frec-api%2Fcookiesync.json%3Fsspkey%3DMgidCPC%26sspuserid%3D046235aa-3c15-442e-beba-41bf89b4c084%26dspuserid%3D%7Bmuidn%7D%20|%20requestId:%2029913e77-82ce-4cbc-a11a-2a537225c297%20|%20postID:%20949575524
200 OK 22 B URL HTTP/1.1 recs.engageya.com/rec-api/widget/log.json?message=MGID%20tracker%20fired:%20https://cm.mgid.com/m?cdsp=363889&adu=https%3A%2F%2Fucs01.engageya.com%2Frec-api%2Fcookiesync.json%3Fsspkey%3DMgidCPC%26sspuserid%3D046235aa-3c15-442e-beba-41bf89b4c084%26dspuserid%3D%7Bmuidn%7D%20|%20requestId:%2029913e77-82ce-4cbc-a11a-2a537225c297%20|%20postID:%20949575524
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /rec-api/widget/log.json?message=MGID%20tracker%20fired:%20https://cm.mgid.com/m?cdsp=363889&adu=https%3A%2F%2Fucs01.engageya.com%2Frec-api%2Fcookiesync.json%3Fsspkey%3DMgidCPC%26sspuserid%3D046235aa-3c15-442e-beba-41bf89b4c084%26dspuserid%3D%7Bmuidn%7D%20|%20requestId:%2029913e77-82ce-4cbc-a11a-2a537225c297%20|%20postID:%20949575524 HTTP/1.1
Host: recs.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:48 GMT
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
pragma: no-cache
cache-control: no-cache, no-store, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-language: en-US
content-encoding: gzip
cm.mgid.com/m?cdsp=363889&adu=https%3A%2F%2Fucs01.engageya.com%2Frec-api%2Fcookiesync.json%3Fsspkey%3DMgidCPC%26sspuserid%3D046235aa-3c15-442e-beba-41bf89b4c084%26dspuserid%3D%7Bmuidn%7D
200 OK 43 B URL HTTP/2 cm.mgid.com/m?cdsp=363889&adu=https%3A%2F%2Fucs01.engageya.com%2Frec-api%2Fcookiesync.json%3Fsspkey%3DMgidCPC%26sspuserid%3D046235aa-3c15-442e-beba-41bf89b4c084%26dspuserid%3D%7Bmuidn%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /m?cdsp=363889&adu=https%3A%2F%2Fucs01.engageya.com%2Frec-api%2Fcookiesync.json%3Fsspkey%3DMgidCPC%26sspuserid%3D046235aa-3c15-442e-beba-41bf89b4c084%26dspuserid%3D%7Bmuidn%7D HTTP/1.1
Host: cm.mgid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:48 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Uwmw9PqF1n2HOZcNBbUq12GHRpOniJJb9mQqvk.uJFM-1663702728-0-AeAjtEXRsqAs0HShekXuq/j6i4t5TNVqJ1S5DOWpDyp9y2D7nlR17PCmkxViUWWmWdAwM9XsoYHnDqfUnHOlS/A=; path=/; expires=Tue, 20-Sep-22 20:08:48 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74dd0603fd72b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.stats4u.net/index.php?action=pic&s4uid=1291857&s4ustyleid=17&is_js=1&is_activex=0&accept_cookies=1&screen_width=1280&screen_height=1024&shockwave_flash=0&real_player=0&sndref=&is_flash=0&is_wmp=0&is_java=0&is_quicktime=0&is_acrobat=0&is_svg=0&browsername=Netscape&browserver=5&browserappcodename=Mozilla&platform=Linux%20x86_64&rbrowser=FireFox%209.0&os=Linux&dahash=400819c83ca3b68c587128d52c343b8d&pluginsencoded=
200 OK 43 B URL HTTP/1.1 www.stats4u.net/index.php?action=pic&s4uid=1291857&s4ustyleid=17&is_js=1&is_activex=0&accept_cookies=1&screen_width=1280&screen_height=1024&shockwave_flash=0&real_player=0&sndref=&is_flash=0&is_wmp=0&is_java=0&is_quicktime=0&is_acrobat=0&is_svg=0&browsername=Netscape&browserver=5&browserappcodename=Mozilla&platform=Linux%20x86_64&rbrowser=FireFox%209.0&os=Linux&dahash=400819c83ca3b68c587128d52c343b8d&pluginsencoded=
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 46da743621a871e48cccbb9d1c99cccc
86a108e63a9ec72855bd9bf794297ed1ac4c9704
1a35536d90b735ac4c624a19bd16ebe7c9e8f9fc6b061d8598a2d42766580174
GET /index.php?action=pic&s4uid=1291857&s4ustyleid=17&is_js=1&is_activex=0&accept_cookies=1&screen_width=1280&screen_height=1024&shockwave_flash=0&real_player=0&sndref=&is_flash=0&is_wmp=0&is_java=0&is_quicktime=0&is_acrobat=0&is_svg=0&browsername=Netscape&browserver=5&browserappcodename=Mozilla&platform=Linux%20x86_64&rbrowser=FireFox%209.0&os=Linux&dahash=400819c83ca3b68c587128d52c343b8d&pluginsencoded= HTTP/1.1
Host: www.stats4u.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:48 GMT
Server: Apache
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Connection: close
Set-Cookie: sttemp=243f7dafe4eeb76d22e0947132d6cbcd; expires=Mon, 11-Sep-2023 19:38:48 GMT; Max-Age=30758400; path=/; domain=.stats4u.net; secure
Transfer-Encoding: chunked
Content-Type: image/gif
ocsp.sectigo.com/
200 OK 471 B IP
Hash fa8074bbacdf35af79b5d15f43769a37
253b5ddbfd914f29bf39a4b95134975bdcbf342d
3aab74c7c3f12f1acdc1bf2992b05a5198b5e2f1bc978098f4e338f070645d7d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 08:39:48 GMT
Expires: Tue, 27 Sep 2022 08:39:47 GMT
Etag: "253b5ddbfd914f29bf39a4b95134975bdcbf342d"
Cache-Control: max-age=564658,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd06047fd2b4ee-OSL
www.stats4u.net/ssl/mt/id.php
200 OK 106 B URL HTTP/1.1 www.stats4u.net/ssl/mt/id.php
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with CRLF line terminators
Hash 2c7b130024b777b945a5df36654206fb
8d751ab5ef4731a2121453f4f8d08e18e33ec6cd
264a1c8f8cfa6d541e8db5b472eecaafce3d5b4f121a0cbe59a391974585d5a1
GET /ssl/mt/id.php HTTP/1.1
Host: www.stats4u.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:48 GMT
Server: Apache
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/xml;charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6921
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:38:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 77503
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 78524
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 60751
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 76518
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 77775
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 77752
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
service.supercounters.com/fc.php?id=1408154&v=1&w=3&nv=10&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref=&url=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&title=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&sw=1280&sh=1024&rand=80
200 OK 548 B URL HTTP/1.1 service.supercounters.com/fc.php?id=1408154&v=1&w=3&nv=10&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref=&url=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&title=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&sw=1280&sh=1024&rand=80
IP
File type ASCII text, with very long lines (1639), with CRLF line terminators
Hash 47b2c61f5a8fb2615da4be6830e824f2
92cfee014d14b1b14acf527115e368bcabe68b1f
24dd6389706d74ced7d6ddae7a04fe8de119703de91f3491612814311e160765
GET /fc.php?id=1408154&v=1&w=3&nv=10&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref=&url=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&title=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&sw=1280&sh=1024&rand=80 HTTP/1.1
Host: service.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 20 Sep 2022 19:38:48 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a25f552e73c46df4b5d456f8f9978310
ef149330b52165b0908bef96dc16ee370f0193cc
7552febbeb8671e200af6c1ff2a7613ca9cbf0e8c6fef4866ef3aeda405fbd18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7552FEBBEB8671E200AF6C1FF2A7613CA9CBF0E8C6FEF4866EF3AEDA405FBD18"
Last-Modified: Tue, 20 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14652
Expires: Tue, 20 Sep 2022 23:43:01 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash f04398570aeb69beac274c4edb96b5f7
d8264e61cccac0a903f8bb5759628ff3d2b26137
a63d4494b36d2a42a665bcac76a58e96d371f602578f56471f07d986b247f38c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4615
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:48 GMT
Last-Modified: Tue, 20 Sep 2022 18:21:53 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 312 B IP
Hash 0140b4f83d7db71c84ced02d4ed0eae7
9817bf004522b8ce9062059aa4eea5f1cbedc2f2
a847317f5049c31afcf7b9b07790be4c99a869c5b7b0129fb5bc4d52ec75f569
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5596
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:49 GMT
Last-Modified: Tue, 20 Sep 2022 18:05:33 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 312
ihavelearnat.xyz/utx?cb=y9GTgHRwieE9&top=acompanhantesembrasil.blogspot.com&tid=776927
204 No Content 0 B URL HTTP/2 ihavelearnat.xyz/utx?cb=y9GTgHRwieE9&top=acompanhantesembrasil.blogspot.com&tid=776927
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=y9GTgHRwieE9&top=acompanhantesembrasil.blogspot.com&tid=776927 HTTP/1.1
Host: ihavelearnat.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 19:38:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 20 Sep 2022 19:39:49 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QeqvDMvQIX4E2zY3TZZi7dHWLMlDTmenLpBhTdnGHmjRacWDzlv0EA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4fba52f3a5369325ec24f39df01270f8
7941e039a4ac59069e23cfbdc7b03bf1a40f54de
cb623455572dc60364cc94638c7479a8357dcdbf0e3cfc7b801c1a681f40e1ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB623455572DC60364CC94638C7479A8357DCDBF0E3CFC7B801C1A681F40E1EE"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8998
Expires: Tue, 20 Sep 2022 22:08:47 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash d140be59eb416b46b4151233331a5716
be029bb2ab41f829dfa0112952760ac5db303867
6288435773a3327997ab8ed381adcfda98a0d448b789fca262a5c38d0a05ab35
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:29:20 GMT
Expires: Tue, 27 Sep 2022 17:29:19 GMT
Etag: "be029bb2ab41f829dfa0112952760ac5db303867"
Cache-Control: max-age=596429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd06083f35b527-OSL
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash e7425029cb87581653a2d298f1e0f1cf
8c79864e7d39c9bd209b6d051f98f4f44d92f804
1b61227954588bd684190c9897ba69590605e5d0f42e85de265506255329d2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1B61227954588BD684190C9897BA69590605E5D0F42E85DE265506255329D2C6"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12851
Expires: Tue, 20 Sep 2022 23:13:00 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash e7425029cb87581653a2d298f1e0f1cf
8c79864e7d39c9bd209b6d051f98f4f44d92f804
1b61227954588bd684190c9897ba69590605e5d0f42e85de265506255329d2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1B61227954588BD684190C9897BA69590605E5D0F42E85DE265506255329D2C6"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12851
Expires: Tue, 20 Sep 2022 23:13:00 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:29:35 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 175112901
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
d3p2b5qewrnsyv.cloudfront.net/FcVpzQ1cSNR0laAUzF35hSGhLdGVXMAAsOQFnCRIAQAIyD2AraVU3LRVnQ2U7EDQUfnEUNBB+Zlc7FyFqQXwHMzgaZwYtMxQ8Gi0yFXwGImocNQkqOx07VnERRHRDZmVBcgtyZlRpMWZlQTYaLSIJf0FzL0lsLHVjVGkxZmVBKAVmZDBjRW1nWH9BczAUOR-gsckMcQXNmQWpCc2ZUaEMlPgM/FSwvVGg1emFfalU2akA
200 OK 224 B URL HTTP/2 d3p2b5qewrnsyv.cloudfront.net/FcVpzQ1cSNR0laAUzF35hSGhLdGVXMAAsOQFnCRIAQAIyD2AraVU3LRVnQ2U7EDQUfnEUNBB+Zlc7FyFqQXwHMzgaZwYtMxQ8Gi0yFXwGImocNQkqOx07VnERRHRDZmVBcgtyZlRpMWZlQTYaLSIJf0FzL0lsLHVjVGkxZmVBKAVmZDBjRW1nWH9BczAUOR-gsckMcQXNmQWpCc2ZUaEMlPgM/FSwvVGg1emFfalU2akA
IP
File type ASCII text, with no line terminators
Hash 3f5230a357cf618ff435b506aa0a3002
6d2c362f9951bf08802463d801c3a9dd7bb2ab95
a7d8237ecb896fdb5b68d77e4fabe7b928f594f8c00c30adaeea958a5d7c1cae
GET /FcVpzQ1cSNR0laAUzF35hSGhLdGVXMAAsOQFnCRIAQAIyD2AraVU3LRVnQ2U7EDQUfnEUNBB+Zlc7FyFqQXwHMzgaZwYtMxQ8Gi0yFXwGImocNQkqOx07VnERRHRDZmVBcgtyZlRpMWZlQTYaLSIJf0FzL0lsLHVjVGkxZmVBKAVmZDBjRW1nWH9BczAUOR-gsckMcQXNmQWpCc2ZUaEMlPgM/FSwvVGg1emFfalU2akA HTTP/1.1
Host: d3p2b5qewrnsyv.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 224
date: Tue, 20 Sep 2022 19:38:49 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GS4R_s5D55oyudLHmz-V2ohDexNkaVTfDU8zmnhY8ejgMnW525QJTA==
X-Firefox-Spdy: h2
ad.a-ads.com/1354558?size=728x90
200 OK 4.7 kB URL HTTP/2 ad.a-ads.com/1354558?size=728x90
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash 0234e2cbaf7bf2b349a9df428e6eaddf
ce3e95649a3bb45787ff22c0aca7d69fd53862bb
072735b84298beac4bd405e994313f4375a88c28aa6c1d520909f393b644c70b
GET /1354558?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://acompanhantesembrasil.blogspot.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f04398570aeb69beac274c4edb96b5f7
d8264e61cccac0a903f8bb5759628ff3d2b26137
a63d4494b36d2a42a665bcac76a58e96d371f602578f56471f07d986b247f38c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:49 GMT
Last-Modified: Tue, 20 Sep 2022 18:21:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
200 OK 472 B IP
Hash d140be59eb416b46b4151233331a5716
be029bb2ab41f829dfa0112952760ac5db303867
6288435773a3327997ab8ed381adcfda98a0d448b789fca262a5c38d0a05ab35
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:29:20 GMT
Expires: Tue, 27 Sep 2022 17:29:19 GMT
Etag: "be029bb2ab41f829dfa0112952760ac5db303867"
Cache-Control: max-age=596429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd06084d07b4ee-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 347101eaf4abd824d73c8710776b2442
9ad6798d286b54bbdb2a43a52dae641334cb50b5
3a5b0c3ea534b4af5e75ec5128e6b6e2f44c4d0ed7e41688db0577576c6ced14
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 05:56:48 GMT
Expires: Sun, 25 Sep 2022 05:56:47 GMT
Etag: "9ad6798d286b54bbdb2a43a52dae641334cb50b5"
Cache-Control: max-age=382077,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd060968ffb527-OSL
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash e7425029cb87581653a2d298f1e0f1cf
8c79864e7d39c9bd209b6d051f98f4f44d92f804
1b61227954588bd684190c9897ba69590605e5d0f42e85de265506255329d2c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "1B61227954588BD684190C9897BA69590605E5D0F42E85DE265506255329D2C6"
Last-Modified: Mon, 19 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12851
Expires: Tue, 20 Sep 2022 23:13:00 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash f04398570aeb69beac274c4edb96b5f7
d8264e61cccac0a903f8bb5759628ff3d2b26137
a63d4494b36d2a42a665bcac76a58e96d371f602578f56471f07d986b247f38c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:49 GMT
Server: ECS (amb/6B77)
Content-Length: 279
ocsp.sectigo.com/
200 OK 472 B IP
Hash d140be59eb416b46b4151233331a5716
be029bb2ab41f829dfa0112952760ac5db303867
6288435773a3327997ab8ed381adcfda98a0d448b789fca262a5c38d0a05ab35
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 17:29:20 GMT
Expires: Tue, 27 Sep 2022 17:29:19 GMT
Etag: "be029bb2ab41f829dfa0112952760ac5db303867"
Cache-Control: max-age=596429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd06087d7a0b65-OSL
t.dtscout.com/i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j=
200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j=
IP
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: ger1
Set-Cookie: m=1; Domain=dtscout.com; Expires=Tue, 20-Sep-2022 21:02:09 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Tue, 20-Sep-2022 23:38:49 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1663702729; Domain=dtscout.com; Expires=Thu, 29-Dec-2022 19:38:49 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 0.541
Expires: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: no-cache
pogothere.xyz/
200 OK 171 kB IP
File type ASCII text, with no line terminators
Size 171 kB (171053 bytes)
Hash bfdfcd3255f307b5d1a593c99250908c
ccbc62a3b6eecb4ae9eae0ed5b92d650f63d5282
e6d00cb6b507b8a66ac597b0acf681ac7070d25be713d6b1fcbdfec7a13cde7c
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/plain
set-cookie: csu=1097599784759315@1@1663702729; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7HSI6h4qslJRRLbaoi5iolzHe%2BUEMmKpLBKlZy2%2BYXvsyVRwCMwiv%2B%2BDU7zpU2WNlyzIPUuB2Wohaxnhanngec%2BP%2BlSZsaNjBkC2G2Q%2BoKMiqbwbuZJkG9hB4cyY2tF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd06098b5a7549-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j=
200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j=
IP
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Cookie: m=1; oa=1; df=1663702729
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: ger1
Set-Cookie: m=2; Domain=dtscout.com; Expires=Tue, 20-Sep-2022 21:02:09 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=2; Domain=dtscout.com; Expires=Tue, 20-Sep-2022 23:38:49 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
X-T: 0.604
Expires: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: no-cache
t.dtscout.com/pv/?_a=v&_h=acompanhantesembrasil.blogspot.com&_ss=4k52i9s73r&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2xz7&_cb=_dtspv.c
200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=acompanhantesembrasil.blogspot.com&_ss=4k52i9s73r&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2xz7&_cb=_dtspv.c
IP
File type ASCII text, with no line terminators
Hash 237f6b697d755beb6deb22c8ae3105c3
8e30f89bc5c1487dc9cd5db66a545637d3afc6bb
411c30713a2d933e1c5ded01750809934d2b6f6e2e8ed58aec5eb220cf8c47d4
GET /pv/?_a=v&_h=acompanhantesembrasil.blogspot.com&_ss=4k52i9s73r&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2xz7&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Cookie: m=1; oa=1; df=1663702729
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.128
X-C: 0
Expires: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: no-cache
t.dtscout.com/i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j=
200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j=
IP
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Cookie: m=1; oa=1; df=1663702729
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: ger1
Set-Cookie: m=2; Domain=dtscout.com; Expires=Tue, 20-Sep-2022 21:02:09 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=2; Domain=dtscout.com; Expires=Tue, 20-Sep-2022 23:38:49 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
X-T: 0.627
Expires: Tue, 20 Sep 2022 19:38:48 GMT
Cache-Control: no-cache
ocsp.sectigo.com/
200 OK 471 B IP
Hash e9fc8abba1e523adf136edc1b54ecba7
0f0a2f5d305e07527ced7b2e1bee472e7a153e42
1c71da191be8b63c297486f9c1863a5a9d59d6af57abc149b3fa2be39faa786d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 12:11:05 GMT
Expires: Sun, 25 Sep 2022 12:11:04 GMT
Etag: "0f0a2f5d305e07527ced7b2e1bee472e7a153e42"
Cache-Control: max-age=404534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd0609def5b4ee-OSL
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 9b6f587d2674815209cc161bdaa24e1f
bd4d5f167515917cb6588470a1a2bf2296636163
395d2d748970c327c5a142da500fdbdeb0b36d2d167a278af54cdca4c51dbc57
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "395D2D748970C327C5A142DA500FDBDEB0B36D2D167A278AF54CDCA4C51DBC57"
Last-Modified: Mon, 19 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Tue, 20 Sep 2022 22:17:01 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
server2.web-stat.com/1/1450728/log6_2.js
301 Moved Permanently 556 B URL HTTP/2 server2.web-stat.com/1/1450728/log6_2.js
IP
Hash 03d0d6b972f33f9f24bdb072beac3858
e985ca74bc9f03e0ce36af7150026187c97f5015
a40a785c293750d3c522aa834b4a07dff66bfe40f47aa05eb7c11807c311a841
GET /1/1450728/log6_2.js HTTP/1.1
Host: server2.web-stat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/html; charset=iso-8859-1
location: https://wts.one/1/1450728/log6_2.js
strict-transport-security: max-age=63072000; includeSubDomains
x-cache-info: cached
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BJk7mXi1EtPqC6otjUoSUEVZAKWZioDzZmHcmNdgA%2F6y4w16gqkUsL7%2BqsOTnVl5vfzlj%2FMiFwEzC%2BTbzaapzrm%2BAxpq4yKhdR1xNBTM3Y2pG7p%2Bpr8I28i0tbP0POk2084x%2FyV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd06084ad00b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?ptv=130&profileId=184&cb=29786993116
200 OK 164 B URL HTTP/2 bidder.criteo.com/cdb?ptv=130&profileId=184&cb=29786993116
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 24619325367a3a4975b9c438965d4d23
fd3dde7cf04a95e4444d511ee5aacac914d34f0d
7a50bf512540a3bb9b94e8a66683a7825ba687e40f35deb9b013ea6b46144c37
POST /cdb?ptv=130&profileId=184&cb=29786993116 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 641
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 164
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
6.adsco.re/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd060cae200afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ihavelearnat.xyz/multi?cs=Tk5BakR2dnNYfHl7cVJwe3Z3WHU&abt=0&red=1&sm=76&k=acompanhantes%20puta%20prostituta%20alto%20mirela%20marilia%20acompanhante%20morena%20garota%20programa%20brasil%20luxo&v=1.0.59.1&sts=0&prn=0&emb=0&tid=776927&fs=1&ref=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_QwEp=1663702729242&crc=1
200 OK 1.6 kB URL HTTP/2 ihavelearnat.xyz/multi?cs=Tk5BakR2dnNYfHl7cVJwe3Z3WHU&abt=0&red=1&sm=76&k=acompanhantes%20puta%20prostituta%20alto%20mirela%20marilia%20acompanhante%20morena%20garota%20programa%20brasil%20luxo&v=1.0.59.1&sts=0&prn=0&emb=0&tid=776927&fs=1&ref=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_QwEp=1663702729242&crc=1
IP
File type ASCII text, with very long lines (3374), with no line terminators
Hash 16a234d9c4cf038c5de403782a7d121b
e205e7bd2d1a97a1b786aaf1a71e4235590b24f4
3ae2038bd4d21583cdc57fd87ead47999c782a3c2862f2fa4c6e09caaee3cdd8
GET /multi?cs=Tk5BakR2dnNYfHl7cVJwe3Z3WHU&abt=0&red=1&sm=76&k=acompanhantes%20puta%20prostituta%20alto%20mirela%20marilia%20acompanhante%20morena%20garota%20programa%20brasil%20luxo&v=1.0.59.1&sts=0&prn=0&emb=0&tid=776927&fs=1&ref=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_QwEp=1663702729242&crc=1 HTTP/1.1
Host: ihavelearnat.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1593
date: Tue, 20 Sep 2022 19:38:49 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=b238bfd5-5a39-4492-b657-51cdf9cc6777
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CW3VWwveeDr4QbPxbkcAJAq0uPh5ObBr4PyhhgWgEPGpKDOKIka-AA==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash e9fc8abba1e523adf136edc1b54ecba7
0f0a2f5d305e07527ced7b2e1bee472e7a153e42
1c71da191be8b63c297486f9c1863a5a9d59d6af57abc149b3fa2be39faa786d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 12:11:05 GMT
Expires: Sun, 25 Sep 2022 12:11:04 GMT
Etag: "0f0a2f5d305e07527ced7b2e1bee472e7a153e42"
Cache-Control: max-age=404534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd060b6c4ab527-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f40fecd1bca6df472bb6435c3c0b8d1
55f98fa636560caf2a3e25a69334e408d9d4d7a7
7d232fb0a0507527b4ceed9637c5ffb6a180377d264edb16c0badf17ba01e15f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D232FB0A0507527B4CEED9637C5FFB6A180377D264EDB16C0BADF17BA01E15F"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10691
Expires: Tue, 20 Sep 2022 22:37:00 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
ubegr90iwzvx.l4.adsco.re/
200 OK 0 B URL HTTP/1.1 ubegr90iwzvx.l4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ubegr90iwzvx.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 9b6f587d2674815209cc161bdaa24e1f
bd4d5f167515917cb6588470a1a2bf2296636163
395d2d748970c327c5a142da500fdbdeb0b36d2d167a278af54cdca4c51dbc57
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "395D2D748970C327C5A142DA500FDBDEB0B36D2D167A278AF54CDCA4C51DBC57"
Last-Modified: Mon, 19 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9492
Expires: Tue, 20 Sep 2022 22:17:01 GMT
Date: Tue, 20 Sep 2022 19:38:49 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/balloon-css/0.5.0/balloon.min.css
200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/balloon-css/0.5.0/balloon.min.css
IP
File type ASCII text, with very long lines (13323)
Hash 6c0426bb06173bb666d4b2b59af25c3a
fbd65d35b2fa4b245f60d423d4967b0549d5ff9c
4c6588d7f096c447b41bcd09bdae1c81b14200c9a13c8518dacf149e3e444250
GET /ajax/libs/balloon-css/0.5.0/balloon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/css; charset=utf-8
content-length: 1146
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d72-340c"
last-modified: Mon, 04 May 2020 16:06:10 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6187508
expires: Sun, 10 Sep 2023 19:38:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXxcjfWw653xyLo6hABlieBMIzsNvLvpKWcg6DqEsp%2FTuChXla3D71qmiNkMBi%2BqCB6YTnwK0AYZaHH41FmnDarq8QjV7WbAL0j%2Bsn5Nv%2BzK1QfCcYfrmNI3stClWYmaJ8maMzsS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd060e38c50b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 77bb83fa8bd574512442e9403af04ba6
ca87f72081a4efcbfbff7c5b7a78c5c5a23cb297
f59fec3f0cc52a73a2fa06a87c95a2424e28ce0d9903c4f3314ddc55e5e83f79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 12:04:30 GMT
Expires: Sun, 25 Sep 2022 12:04:29 GMT
Etag: "ca87f72081a4efcbfbff7c5b7a78c5c5a23cb297"
Cache-Control: max-age=404139,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd060cfa940b65-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 28af75135d5a4caa90ebee562aa07184
e584614203f4b83aeb535b6cf22cba19217bbb14
3d34c7776d0928c1843f5d1f1648fd0bc743bbc5306cc970006fe36495919d29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D34C7776D0928C1843F5D1F1648FD0BC743BBC5306CC970006FE36495919D29"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Tue, 20 Sep 2022 21:47:49 GMT
Date: Tue, 20 Sep 2022 19:38:50 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash c8682f3d77ddbffea67a80ae35b6cdca
82b53e439f2a6550473d82880db9feaeae562edc
1b5f18f0e7d91f73dbeab5da417ae469ffff9f03e6c398059e883fa71bd741b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3211
Cache-Control: max-age=99918
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:49 GMT
Etag: "6328ed8c-116"
Expires: Wed, 21 Sep 2022 23:24:07 GMT
Last-Modified: Mon, 19 Sep 2022 22:30:36 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
s4.histats.com/stats/3821335.php?3821335&@f16&@g1&@h1&@i1&@j1663702729134&@k0&@l1&@mAcompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&@n0&@o1000&@q0&@r0&@s430&@ten-US&@u1280&@b1:119759720&@b3:1663702729&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&@w
200 OK 106 B URL HTTP/1.1 s4.histats.com/stats/3821335.php?3821335&@f16&@g1&@h1&@i1&@j1663702729134&@k0&@l1&@mAcompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&@n0&@o1000&@q0&@r0&@s430&@ten-US&@u1280&@b1:119759720&@b3:1663702729&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&@w
IP
File type ASCII text, with no line terminators
Hash e1e160416a5120edcceff455ffa162bd
ffd9eb221dc9ad45a36518b7a7504f1a4904b27f
46cd8fbb892872ede8f55e2aa9ac956271fdf22094d389a04b072f80d8563f58
GET /stats/3821335.php?3821335&@f16&@g1&@h1&@i1&@j1663702729134&@k0&@l1&@mAcompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&@n0&@o1000&@q0&@r0&@s430&@ten-US&@u1280&@b1:119759720&@b3:1663702729&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:49 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 106
Connection: close
4.adsco.re/
200 OK 62 B IP
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://acompanhantesembrasil.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
app.ardalio.com/log7.js
200 OK 4.5 kB IP
File type HTML document, ASCII text, with very long lines (600)
Hash c1b208a0227f00457d49f96e6eb82ebc
d9ce71e8d032756c391077f5fc37334aeb1fc8aa
07e13948fb60dca625918234c1801123f828d863327770225e26a49282d3ec9b
GET /log7.js HTTP/1.1
Host: app.ardalio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:50 GMT
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate
cf-bgj: minify
cf-polished: origSize=20439
etag: W/"4fd7-5e91d27aa5787-gzip"
last-modified: Tue, 20 Sep 2022 15:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 193
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28bAKu%2FTm6vgu0TgQtavuIWlDwlYZaRcgqhAk%2BI3s3j6jV1e7Ogkly6k9mgGLCJUQApVQ%2F9MhcGp5NE4ZaXBTfdlbiSjUajEur0YqsnOGlZpa4unMJPYiVLwexzAsNyNeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd060eab7ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ubegr90iwzvx.n4.adsco.re/
200 OK 0 B URL HTTP/1.1 ubegr90iwzvx.n4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ubegr90iwzvx.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:50 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
images9.engageya.com/2018/01/null?1663702729983
403 Forbidden 243 B URL HTTP/1.1 images9.engageya.com/2018/01/null?1663702729983
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash da80079bbc3e306dde37a5c0ef71dc5b
9e2e29ba7f5dc3935e1d34f85d40e904a51c941f
e8eb8f1e67d35544df5e0f7f5e0578d6a6876edc4f383789bb9aac9719248c0f
GET /2018/01/null?1663702729983 HTTP/1.1
Host: images9.engageya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
x-amz-request-id: J0NMT3CAJCHKY5FD
x-amz-id-2: 9Xh8csO7hFF6h+POD9E44srkNunCHKahBuI7WBBTAloEB3vi5aJEh9+gSIUnh3+LuCcpzy5SRKY=
Content-Type: application/xml
Server: AmazonS3
Content-Length: 243
Cache-Control: max-age=604800
Expires: Tue, 27 Sep 2022 19:38:50 GMT
Date: Tue, 20 Sep 2022 19:38:50 GMT
Connection: keep-alive
www.stats4u.net/ssl/mt/mt.php?s4uid=1291857&dahash=5e67ec39ecc506585dd6cf654e777f89&s4umtid=692961
200 OK 84 B URL HTTP/1.1 www.stats4u.net/ssl/mt/mt.php?s4uid=1291857&dahash=5e67ec39ecc506585dd6cf654e777f89&s4umtid=692961
IP
ASN #24940 Hetzner Online GmbH
File type XML 1.0 document text\012- XML document, ASCII text, with CRLF line terminators
Hash d195a733662ebe6a29c775d693a710d0
6beea6f025072b967b0a10d3cbdf74381c9ca42a
29cd8ff179444461adc3b6f600fb0230171fe103e29a0cea00a7a876dc00f56d
POST /ssl/mt/mt.php?s4uid=1291857&dahash=5e67ec39ecc506585dd6cf654e777f89&s4umtid=692961 HTTP/1.1
Host: www.stats4u.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 13
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:50 GMT
Server: Apache
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/xml;charset=UTF-8
adsco.re/p
200 OK 169 B IP
File type ASCII text, with no line terminators
Hash 82e1f38bb4786bba27ddf7e4fb8452b9
9e9a55d75106e4189af0db7c2f1c2e433a93dffa
0c8e87213e6bae720675a6d9dfbf0c3bf85f4ef59b78377b931e169d05ecd49d
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2854
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://acompanhantesembrasil.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
widgets.amung.us/mappoints/heart-red.png
200 OK 882 B URL HTTP/2 widgets.amung.us/mappoints/heart-red.png
IP
File type PNG image data, 65 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash ce31948b9a6b4b60b27819c232f7d538
5b26384713a575b149f47f555477e72eacacab22
846038d4bedf9cf5bf69caeaa04dcb2404583f1fbdd8b3c13d8d60943053afd0
GET /mappoints/heart-red.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:50 GMT
content-type: image/png
content-length: 882
last-modified: Mon, 29 Aug 2022 18:12:41 GMT
etag: "630d0199-372"
expires: Tue, 20 Sep 2022 21:37:41 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 79269
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd061128170d4e-ARN
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_430.js
200 OK 7.1 kB URL HTTP/2 s10.histats.com/counters/cc_430.js
IP
File type HTML document, ASCII text, with very long lines (18264), with no line terminators
Hash 89de808b3773df598a8e9d32547ad3ae
e874c3f5b6b6c1d8d537be4cc29632226c643d75
f7e10f58ce61c0fdeec8db21bf77d4c7819496fc44292c9a5aa803a29dd2d60b
GET /counters/cc_430.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:33:21 GMT
etag: "-795091056"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 23627012
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 7125
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4371d1bf93a48ea658864e5dddd2494
5d163cb9d2810712ab9ba1e492eda87a0d1d2083
8d51a369876400f209eadead8e0ee150a4061e7783a43bdf6b9a67f97dd59f25
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D51A369876400F209EADEAD8E0EE150A4061E7783A43BDF6B9A67F97DD59F25"
Last-Modified: Mon, 19 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7568
Expires: Tue, 20 Sep 2022 21:44:58 GMT
Date: Tue, 20 Sep 2022 19:38:50 GMT
Connection: keep-alive
widgets.amung.us/mapbacks/green.jpg
200 OK 70 kB URL HTTP/2 widgets.amung.us/mapbacks/green.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Macintosh, datetime=2008:05:09 12:37:46], baseline, precision 8, 450x225, components 3\012- data
Hash 40be05ce07bbf2bf4cc7920d3c1183a6
ab5b664cd8ad2e2550c9235643d9f0270f5d3e3a
ffaff41ecee34f2007a9811125d933c5c5e5309284fe156d3f88d571ca1aa4aa
GET /mapbacks/green.jpg HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:50 GMT
content-type: image/jpeg
content-length: 69594
cache-control: max-age=86400
cf-bgj: h2pri
access-control-allow-origin: *
etag: "630d019e-10fda"
expires: Wed, 21 Sep 2022 11:47:42 GMT
last-modified: Mon, 29 Aug 2022 18:12:46 GMT
cf-cache-status: HIT
age: 28268
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd061118110d4e-ARN
X-Firefox-Spdy: h2
c1.popads.net/pop.js
200 OK 9.9 kB IP
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 3ad3e60248e8c792c08d7a6fb17b1475
2d3385f3ad13f435eb4e1de675998c997ffa180e
e72753705052e1e410839f48a7202f519baca54bf8757d9926274e58f412815c
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: application/javascript; charset=UTF-8
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
last-modified: Sun, 03 Jul 2022 20:49:14 GMT
etag: W/"62c200ca-7b48"
access-control-allow-origin: *
x-accel-expires: @1664139665
server: CDN77-Turbo
x-77-nzt: AblMCRSP+6r/OCcJAA
x-77-nzt-ray: NPd6GPENfdM
x-cache: HIT
x-age: 599864
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9ebc2cde2f2c3a27f40f858cc2142ce5
cf94cfceb915727b82e35664e8a65e5fb5290d30
c81a0fa295402ebdd43491f3e9f012ce0608fc296d02d387443c23baa8d1c5b2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 11:33:40 GMT
Expires: Sun, 25 Sep 2022 11:33:39 GMT
Etag: "cf94cfceb915727b82e35664e8a65e5fb5290d30"
Cache-Control: max-age=402288,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd06114ccbb527-OSL
widgets.amung.us/map.js
200 OK 2.7 kB IP
File type ASCII text, with very long lines (7046), with no line terminators
Hash f38543c2e3788fb8bedf3dd4cb4e6578
6bc3462a9740b89df0a8a58f9e448c1a5b22ea73
cc263659b825683af6e813e9865d139b0f83720eed38c44d5ec5bc92bea8f0f6
GET /map.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:54 GMT
etag: W/"630d01a6-1b86"
expires: Wed, 21 Sep 2022 18:55:20 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 2609
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd060a0f700d4e-ARN
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&cu=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&cu=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&cu=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ubegr90iwzvx.s4.adsco.re/
200 OK 0 B URL HTTP/1.1 ubegr90iwzvx.s4.adsco.re/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ubegr90iwzvx.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:38:50 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&cu=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&cu=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&cu=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!9763xke8zbso~w!a90jsxtybf7w&dn=TC&cc=1&r=
200 OK 659 B URL HTTP/2 de.tynt.com/deb/v2?id=w!9763xke8zbso~w!a90jsxtybf7w&dn=TC&cc=1&r=
IP
Hash 8a95ca06c59f59fc9133201e1115b494
000fee1391774a9d6ebb09a5b7da67fba35813fd
29759425559d75c0a465863e44222e8858074565187713b147f94c4c12fd3bb5
GET /deb/v2?id=w!9763xke8zbso~w!a90jsxtybf7w&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Wed, 21 Sep 2022 19:38:51 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Tue, 20 Sep 2022 19:38:50 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
200 OK 7.8 kB IP
Hash 683a69a94f1e640d894742d2f242d7c2
b7dc013565923062d2836ed9e8d917540cf84939
fb337f91a0532721d7de1cee63c4a1d3e194caac56977925d14b9bfae1dcade5
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:50 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 102000
expires: Fri, 23 Sep 2022 19:38:50 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 74dd061199b5b529-OSL
X-Firefox-Spdy: h2
serve.popads.net/c?_=BAYAYyoWygFjKhbKgAGBAsAAIOl6NQiKcV49BZpYSva_mDcE3m9BKgvGAkd5luSkivoCwQBHMEUCIEvAic4UmFJXPolcZdZOeBAbMsGpHAKRspxTKl8YpfScAiEAism1YFsK_RqQCFujv2XDezwZCPQa7RrX7LewHsiu4qg&v=4&siteId=2094527&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
200 OK 824 B URL HTTP/1.1 serve.popads.net/c?_=BAYAYyoWygFjKhbKgAGBAsAAIOl6NQiKcV49BZpYSva_mDcE3m9BKgvGAkd5luSkivoCwQBHMEUCIEvAic4UmFJXPolcZdZOeBAbMsGpHAKRspxTKl8YpfScAiEAism1YFsK_RqQCFujv2XDezwZCPQa7RrX7LewHsiu4qg&v=4&siteId=2094527&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP
File type ASCII text, with very long lines (1150), with no line terminators
Hash 408b8435b0525a957c868ad1bd348649
9dc1a28656a6aa201ed4095c4e9ad30aa0ba5aeb
b988d22b5e9342da04e42e7338d20a67458ceb382060756386a1c826ab55e59f
GET /c?_=BAYAYyoWygFjKhbKgAGBAsAAIOl6NQiKcV49BZpYSva_mDcE3m9BKgvGAkd5luSkivoCwQBHMEUCIEvAic4UmFJXPolcZdZOeBAbMsGpHAKRspxTKl8YpfScAiEAism1YFsK_RqQCFujv2XDezwZCPQa7RrX7LewHsiu4qg&v=4&siteId=2094527&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Tue, 20-Sep-2022 20:38:51 GMT; Max-Age=3600
fraudcheck=5140d8a91df154f865d3014df3c98e8d; expires=Thu, 20-Oct-2022 19:38:51 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Wed, 21-Sep-2022 01:38:51 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 824
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 19:38:51 GMT
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 506ce89f0f1830fa4aa868e5f49f86b1
8a41d06c3edd000e9a74c9bfccd8234b1b5c83ce
ed9b831b877598ed53b188a48be61a6169bdf2e347fc6adeae970bbf3e36a809
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ED9B831B877598ED53B188A48BE61A6169BDF2E347FC6ADEAE970BBF3E36A809"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2282
Expires: Tue, 20 Sep 2022 20:16:53 GMT
Date: Tue, 20 Sep 2022 19:38:51 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
free-cosmetics-online.com/favicon.ico
404 Not Found 491 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 19a097d812d3ac07843f5e6099e98e05
a1d6d9718235e517e9401a4ba1479ea865f9e521
71c4be97ac49d4400fda199f59df27a3175b087c31315dba3635e9ecec63acde
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 97
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vln47YsaFj6usnWqePOkYC9MgbufKgg8YPu9WeiInK3z0EfF6TNuOwnxV1NjafVcI3lf2rTCXxp11BmjDERaiQ1KFgYNdxClt6LQFUN66vbgu7btGSMjxDyh5qqtVrB%2Fgm%2BSFnGaw6VsRpPP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd0616ec2ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0&img=https%3A%2F%2F2.bp.blogspot.com%2F-NutRU7vamuM%2FWlwMiW-2oqI%2FAAAAAAAAGnY%2FiIWWYZ2Y3mwoWQjWZd2gix00BlxaEdgOQCK4BGAYYCw%2Fw1200-h630-p-k-no-nu%2FAcompanhante%252Bde%252BLuxo%252BMorena%252B-%252BMar%2525C3%2525ADlia%252B-%252BSP%25252C%252BBrasil.JPG HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!9763xke8zbso~w!a90jsxtybf7w&lm=0&ts=1663702730533&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 20 Sep 2022 19:38:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 03005f268f764a105a9518c68e5ba79e
85cca6d550c84ce01289ca714440ef235f81336c
16ee5657b96d70afe6a2f4c8d669abc7229d1f145a27c0635f878491317649ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2783
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:52 GMT
Last-Modified: Tue, 20 Sep 2022 18:52:29 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?origin=publishertag&topUrl=acompanhantesembrasil.blogspot.com
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=acompanhantesembrasil.blogspot.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?origin=publishertag&topUrl=acompanhantesembrasil.blogspot.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:51 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=141b39f9-93b9-478f-8b9d-a181722db05d; expires=Sun, 15 Oct 2023 19:38:51 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 458392
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash e9d9ebb7dabd27d0a341649bc2de639d
e0089863488c13374b03405aed158ace7491345a
7e01d6c81d783fabf38f2663261771a08fd74a2b53ce9892c60b559f1c26cf2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:52 GMT
Last-Modified: Tue, 20 Sep 2022 17:49:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash e9d9ebb7dabd27d0a341649bc2de639d
e0089863488c13374b03405aed158ace7491345a
7e01d6c81d783fabf38f2663261771a08fd74a2b53ce9892c60b559f1c26cf2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6478
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:38:52 GMT
Last-Modified: Tue, 20 Sep 2022 17:50:54 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
t.dtscout.com/pv/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pv/ HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------258962481819897935152793280076
Content-Length: 1213
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Cookie: m=2; oa=2; df=1663702729
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Sep 2022 19:38:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 0.191
X-C: 0
Expires: Tue, 20 Sep 2022 19:38:53 GMT
Cache-Control: no-cache
kuleqasfors.one/popunder.gif
200 OK 0 B URL HTTP/2 kuleqasfors.one/popunder.gif
IP
GET /popunder.gif HTTP/1.1
Host: kuleqasfors.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 136271
last-modified: Mon, 19 Sep 2022 05:47:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIZACHRB5hv0wBMX4BuC99QDKR0LDMHO5N3EXFghVvEUFb9bPysH%2FA7PgsLHvNmK%2F7TzilXCncMzJv8q%2Fc23VZKWXIwxoLvF%2BS7CtMAg1kly%2FNeTBRWoH%2Bes5blgz37Fimc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd05ff0ffb1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t.frtyt.com/2mxr06ik3m?offer_id=4093&aff_id=52706&bo=2745,2746,2748,2749,2750&file_id=226244
200 OK 0 B URL HTTP/2 t.frtyt.com/2mxr06ik3m?offer_id=4093&aff_id=52706&bo=2745,2746,2748,2749,2750&file_id=226244
IP
GET /2mxr06ik3m?offer_id=4093&aff_id=52706&bo=2745,2746,2748,2749,2750&file_id=226244 HTTP/1.1
Host: t.frtyt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Tue, 20 Sep 2022 19:38:48 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
tracking_id: 102b07bda9bf3f15397a3132d490fb
access-control-allow-origin: *
x-request-id: f6d93f67b8c8a83d44ef8e38a760191a
access-control-allow-headers: Tune-SDK-Version
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=a90jsxtybf7w&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&c=s&x=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&y=&a=0&d=2.234&v=27&r=7173
200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=a90jsxtybf7w&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&c=s&x=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&y=&a=0&d=2.234&v=27&r=7173
IP
GET /pingjs/?k=a90jsxtybf7w&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&c=s&x=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&y=&a=0&d=2.234&v=27&r=7173 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dd060b68f50d4e-ARN
X-Firefox-Spdy: h2
wts.one/1/1450728/log6_2.js
200 OK 0 B URL HTTP/2 wts.one/1/1450728/log6_2.js
IP
GET /1/1450728/log6_2.js HTTP/1.1
Host: wts.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: no-store
strict-transport-security: max-age=63072000; includeSubDomains
access-control-allow-origin: *
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyukJfuzB8hwQ2TEZBP%2BsKVdALO0cYKu21LB3%2FDaOTKRit1tFfvMS9%2BT7KWmOHIgO0O%2BPdfo0uaiBW662Mje%2BzqKwsd1%2BDRNeO1MoHqUAxKcuIhCPC8GOLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74dd060c7f89b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/af5f5e632c170a325a18%20/3fc2384c72/?placementName=default&randomA=1_8685&maxw=808
404 Not Found 0 B URL HTTP/2 bonepa.com/af5f5e632c170a325a18%20/3fc2384c72/?placementName=default&randomA=1_8685&maxw=808
IP
ASN #201702 skHosting.eu s.r.o.
GET /af5f5e632c170a325a18%20/3fc2384c72/?placementName=default&randomA=1_8685&maxw=808 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: text/html
etag: W/"61b0d5a2-17"
content-encoding: br
X-Firefox-Spdy: h2
o-oo.ooo/js/yxpup.js
200 OK 0 B IP
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Malware
GET /js/yxpup.js HTTP/1.1
Host: o-oo.ooo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 07:40:48 GMT
etag: W/"62d7b180-15963"
content-encoding: br
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP
ASN #201702 skHosting.eu s.r.o.
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 17:57:57 GMT
etag: W/"6329ff25-cd3"
content-encoding: br
X-Firefox-Spdy: h2
widgets.amung.us/tab.js
200 OK 0 B IP
GET /tab.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:46 GMT
etag: W/"630d019e-728a"
expires: Wed, 21 Sep 2022 18:43:31 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 3318
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd0608ae160d4e-ARN
X-Firefox-Spdy: h2
widgets.amung.us/small.js
200 OK 0 B URL HTTP/2 widgets.amung.us/small.js
IP
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Aug 2022 18:12:41 GMT
etag: W/"630d0199-2142"
expires: Wed, 21 Sep 2022 19:02:21 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 2188
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd0609bf2c0d4e-ARN
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 80962
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
aaaaaco.com/80a4728802/9d9db5c5c4/?placementName=default&randomA=0_9704&maxw=808
200 OK 0 B URL HTTP/2 aaaaaco.com/80a4728802/9d9db5c5c4/?placementName=default&randomA=0_9704&maxw=808
IP
ASN #201702 skHosting.eu s.r.o.
GET /80a4728802/9d9db5c5c4/?placementName=default&randomA=0_9704&maxw=808 HTTP/1.1
Host: aaaaaco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
200 OK 0 B IP
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 21 Oct 2022 19:38:49 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 423241
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd060b3cb1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=Iumk-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czlLRHFsb3AxWEtFTmtobSUyRk5FU3NYN0xBZldMamZVM1NvMnVRdDNweUxxJTJG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=bdr8sV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czlLRHFsb3AxWEtFTmtobSUyRk5FU3NYNklOcmprZmZ2dVB3YTE5Sk5uM2N4dQ; expires=Sun, 15 Oct 2023 19:38:52 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 247022
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 84678
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
widget.supercounters.com/vt.js
200 OK 0 B URL HTTP/2 widget.supercounters.com/vt.js
IP
GET /vt.js HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 08:24:01 GMT
etag: W/"62c2a3a1-2766"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6940
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNxGtwBCWrs7grfrkA9ABAF56E49TO3tf5Ec576RMemGrRYQONufE37m4JG61AMH%2FUdebFBDlxtU%2FVKAaZZt7uMUo4p4TS2TALnsIcMu7r7ETibXvwFtQJuZfNGDnr9SD89HhWg2Tpmg6vk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd05fc6bf2b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aaaaaco.com/js/responsive.js
200 OK 0 B URL HTTP/2 aaaaaco.com/js/responsive.js
IP
ASN #201702 skHosting.eu s.r.o.
GET /js/responsive.js HTTP/1.1
Host: aaaaaco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:38:47 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 17:57:57 GMT
etag: W/"6329ff25-cd3"
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 19:38:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDtqoOrB1TPx12PZ6gcacW6XLNZ4UfZ86ADXUh5yAk0Qz463559Q9LkYFGUEPJumwzbIOSESygooXxaj7%2FRjIdtpXCOKOtx%2B6AQoOYYPt37ISCT%2FFFhd7kJquEL%2BXOTi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd0608ea727549-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acompanhantesembrasil.blogspot.com/
Origin: https://acompanhantesembrasil.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://acompanhantesembrasil.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Tue, 20 Sep 2022 19:38:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0PngPGsDZtZwDbFBWeygeUmHyhS2tGirwSwsaXwLDex29qiLhVZnJ0VVC8hI3CP4AN3EoglDeulfrJ4x0JmGm7IUf4No%2FGL5UJRjGfQS0RtYcnMD9fawqMMN2N%2FvR%2FA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74dd0608ea757549-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=9763xke8zbso&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&c=t&x=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&y=&a=2&d=2.234&v=27&r=3907
200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=9763xke8zbso&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&c=t&x=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&y=&a=2&d=2.234&v=27&r=3907
IP
GET /pingjs/?k=9763xke8zbso&t=Acompanhante%20de%20Luxo%20Morena%20-%20Mar%C3%ADlia%20-%20SP%2C%20Brasil&c=t&x=https%3A%2F%2Facompanhantesembrasil.blogspot.com%2F2018%2F01%2Facompanhante-de-luxo-morena-marilia-sp.html&y=&a=2&d=2.234&v=27&r=3907 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acompanhantesembrasil.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:38:49 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74dd060b68ef0d4e-ARN
X-Firefox-Spdy: h2
142.250.74.161
192.99.13.63
104.18.36.173
78.41.204.33
185.200.116.90
95.216.137.125
136.243.35.166
23.14.2.57
185.235.84.7
139.45.197.236
185.66.200.220
95.142.20.17
23.36.77.32