r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9137
Expires: Wed, 08 Feb 2023 02:16:17 GMT
Date: Tue, 07 Feb 2023 23:44:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3205
Expires: Wed, 08 Feb 2023 00:37:25 GMT
Date: Tue, 07 Feb 2023 23:44:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9064
Expires: Wed, 08 Feb 2023 02:15:04 GMT
Date: Tue, 07 Feb 2023 23:44:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Tqeml28bwMMErV/DUDyKeshjFogxjzWsaq77C9AVLiSxNpO2LzuYlj3xW1nsLaER/3WpXLLZB4o=
x-amz-request-id: Q81P1J213HEC3NKD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 22:45:44 GMT
age: 3496
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 23:34:10 GMT
content-type: application/json
age: 590
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 23:44:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 23:14:52 GMT
age: 1748
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
kodeshaplicativos.blogspot.com/
301 Moved Permanently 184 B URL HTTP/1.1 kodeshaplicativos.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3fdb44b57fa11d6da540085d91a6d3ef
e35a9827775e6ca43e9939ee7566bedd258c53ff
c407a6ab928546106563739217913f80c3245fabd1361c9e69d63924154a9d00
GET / HTTP/1.1
Host: kodeshaplicativos.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://kodeshaplicativos.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 07 Feb 2023 23:44:00 GMT
Expires: Tue, 07 Feb 2023 23:44:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 184
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83e22821bb0489f9ffd588625ddc354a
631978b5167b8ee78608b27c6595779dcb48c252
ef35eab5ca69dd44e3d5bcf9229bc97c226ff44f38f53c096f14121714b3d234
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6730
Expires: Wed, 08 Feb 2023 01:36:11 GMT
Date: Tue, 07 Feb 2023 23:44:01 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mU1Qc9CnAwUGr9sBcUIaVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v0wAOaKvwYRQf2rqsU3oz0hlucc=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 83e22821bb0489f9ffd588625ddc354a
631978b5167b8ee78608b27c6595779dcb48c252
ef35eab5ca69dd44e3d5bcf9229bc97c226ff44f38f53c096f14121714b3d234
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 889
Cache-Control: max-age=161753
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 20:39:55 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
IP
File type ASCII text, with very long lines (56656)
Hash 5c32368e2726220885c82f35b6fb4e78
bb3909d2aaca84d895296187aeaea024c76f46ec
53ceda316a9da4b956909214bb1bdaf76d2b2e3d2037614a13b6749e1e5c9e17
GET /ajax/libs/font-awesome/5.11.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:02 GMT
content-type: text/css; charset=utf-8
content-length: 10022
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-de0a"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1708042
expires: Sun, 28 Jan 2024 23:44:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNsFStHAM1T%2FvH9%2BhXdfyYDiW49pUTNqxUWq%2FNkhgzXoE4dOGkec6VDBiD7sUHN0xZg2V%2ByQfN1ev7aBoH5N6mtxDrdGq8IPs%2FmfxIBXJofZ69MlIdkF%2B%2B4KBt4UonuOqAykE2Nc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 795ffdbd8a870b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1538888
expires: Sun, 28 Jan 2024 23:44:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqXdiEgZScbkdcHe80BkIL5LSHPoA7I71VWN6nXe0vPlaapbfEzVafXbo%2FhqbQAL0zGIXTf2qZMR806ldlfP4ATxi103gOC3hz07%2BNMzIJSzhIQGrrO2gQHb8fegxsRSIxdmPYtw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 795ffdbd9a930b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kodeshaplicativos.blogspot.com/
200 OK 43 kB URL HTTP/2 kodeshaplicativos.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6771)
Hash 7e2b57cd3e95fc6e1745c53090abdb83
9e5ab3712cd6b7968b4b32b1f2e303fc90ae4d75
950fc548ca2ed09fd708a58bcc6ab1ba81494c2609df77b8e86c4c3f966fee0b
GET / HTTP/1.1
Host: kodeshaplicativos.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 07 Feb 2023 23:44:01 GMT
date: Tue, 07 Feb 2023 23:44:01 GMT
cache-control: private, max-age=0
last-modified: Tue, 07 Feb 2023 15:01:29 GMT
etag: W/"4241882f13d08bef478ccc8986a8d91a286bed96394518062ec9eabbd4568187"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 43195
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 4a2793786b1ce1206b70d285bea47b94
11747c77f2ef56d889b5148834faa184be7cfc07
af406b334b4df19c87a6911d78bbab5bc5628dc7ccac9d7d60050908c770fb52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 889
Cache-Control: max-age=161753
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Etag: "63e2b3a2-118"
Expires: Thu, 09 Feb 2023 20:39:55 GMT
Last-Modified: Tue, 07 Feb 2023 20:25:06 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6563866117884409&host=ca-host-pub-1556223355139109
200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6563866117884409&host=ca-host-pub-1556223355139109
IP
File type ASCII text, with very long lines (3649)
Hash 26153a56d2922804f4bd85eeb1f6492b
31cff35565c2f2bc6223f4c06b3131632223b04e
4ecc12e5e51ef7d8c5b483d4cfec9ded6e17ec4caef77719c4a15c03a5c7c8d3
GET /pagead/js/adsbygoogle.js?client=ca-pub-6563866117884409&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Feb 2023 23:44:02 GMT
expires: Tue, 07 Feb 2023 23:44:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1351261962817803672
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49649
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fe8a46e4fe7c971a068b163b275e25a
5ca9fb282e652f18298c755e61c5e38665ddc7b1
c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (3649)
Hash 81d4d3aa37c79ad50c44a72a60915d31
2d88fc103b510941f7fd8ded8e38523c3851cb54
2c5863a2987efefce8d30975631306ff7ec232b0687dbac00968d9175f9ffcdc
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Feb 2023 23:44:02 GMT
expires: Tue, 07 Feb 2023 23:44:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9445522775688516890
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3801814646-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3801814646-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 4b866f80aa72c49d02f36338402a59e5
ca95baa3565ec41d9635387ac90b2add0e05a47d
aff6590600f8a33efdbaf01cc67e5a435e38ec8997b3c6b1f34a1ca8ff72fe7e
GET /static/v1/widgets/3801814646-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56575
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 02:58:16 GMT
expires: Tue, 06 Feb 2024 02:58:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Feb 2023 00:50:58 GMT
content-type: text/javascript
age: 161146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 18:48:17 GMT
expires: Sat, 03 Feb 2024 18:48:17 GMT
cache-control: public, max-age=31536000
age: 363345
last-modified: Mon, 25 Mar 2019 20:12:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:16:48 GMT
expires: Sat, 03 Feb 2024 02:16:48 GMT
cache-control: public, max-age=31536000
age: 422834
last-modified: Mon, 25 Mar 2019 20:13:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fe8a46e4fe7c971a068b163b275e25a
5ca9fb282e652f18298c755e61c5e38665ddc7b1
c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Hash 020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
GET /s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:12:05 GMT
expires: Tue, 06 Feb 2024 17:12:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:14:12 GMT
content-type: font/woff2
age: 109917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 18eec2142c6436defbc7c12ebed6d3a0
be4647b53d4b64ba16f6ccc3e9afe884c065ad2c
833d2101bad220e693efaab9e2a1cafdd5b4cb738ea5bae1ceb5b7050698a07f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6563866117884409&plah=kodeshaplicativos.blogspot.com
200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6563866117884409&plah=kodeshaplicativos.blogspot.com
IP
File type ASCII text, with very long lines (4056)
Size 121 kB (121179 bytes)
Hash 89dd51a113074bfd457e07a35191fa5b
9473c6d80b254af0cf5e859069dae78cd6d0ddff
9bf71061a7ee4f7b876d4f09ff0cb073aa68c25070a92988506c70d7df014adb
GET /pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6563866117884409&plah=kodeshaplicativos.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Feb 2023 23:44:02 GMT
expires: Tue, 07 Feb 2023 23:44:02 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6122588203076144446
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230206/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 07 Feb 2023 09:55:58 GMT
expires: Tue, 21 Feb 2023 09:55:58 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 49684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.N3tvqCU4yj8.O/am=Cg/d=1/exm=el_conf/ed=1/rs=AN8SPfq-z9HvXxjSxazSicugzx9gqiSrMg/m=el_main
200 OK 77 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.N3tvqCU4yj8.O/am=Cg/d=1/exm=el_conf/ed=1/rs=AN8SPfq-z9HvXxjSxazSicugzx9gqiSrMg/m=el_main
IP
File type ASCII text, with very long lines (2052)
Hash e6142bf054287daa9e8594634f398654
40ddd0259011f3584fca199b3f79971e265a08d5
bc2abf95c5fd19cb167d4ae517946d96a03211c3c3ba2959a7a97a6e71c09486
GET /_/translate_http/_/js/k=translate_http.tr.no.N3tvqCU4yj8.O/am=Cg/d=1/exm=el_conf/ed=1/rs=AN8SPfq-z9HvXxjSxazSicugzx9gqiSrMg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 77328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 22:56:45 GMT
expires: Wed, 07 Feb 2024 22:56:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Feb 2023 22:11:47 GMT
content-type: text/javascript; charset=UTF-8
age: 2837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4632
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4632
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4632
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4632
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=kodeshaplicativos.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=kodeshaplicativos.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kodeshaplicativos.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 23:44:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: ef7a879d-25be-42b0-a5c5-df6ad8f1482c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_R2FFv5IAMFZ7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c9c0-2f8fa7ef41b70de04cfb5ac6;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:59:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JxJrYYY7fMm_DCBcuC4OEdR62HL5VMvJbt_a6TWp4QfqN0qxgFgj-A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:50 GMT
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
age: 5832
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 57515
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:35 GMT
age: 6687
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYWj40o5goODdNjGr_Evrb_bfXcxtJRIyGvs7ViEWlELAyJt0-ZzMw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 6588
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cf13Lp2SFHQ4SSF6_KpC4zx339tZRkMmnmF-OKM_2hbWbIoR3OLJ_g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:50:49 GMT
age: 6793
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:22 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 6520
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=kodeshaplicativos.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=kodeshaplicativos.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kodeshaplicativos.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 23:44:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d1925325e512c8be92578a182ae6f82
154f013b79c99a816c0ad8034ee6501abdc7b4bb
8651879751a40a558cf5245fb94971490ffa3575955f4c867d6b4e240651dea2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=kodeshaplicativos.blogspot.com&callback=_gfp_s_&client=ca-pub-6563866117884409
200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=kodeshaplicativos.blogspot.com&callback=_gfp_s_&client=ca-pub-6563866117884409
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash a26f5108afa667cd23e7eaff7ad9d9b3
0d83172064fdcf1f1aaf068e277907e29cca78dd
163d7a5b4dd942117499b4aaae060ee3fc34bd975ef711d955e745d5319394e8
GET /gampad/cookie.js?domain=kodeshaplicativos.blogspot.com&callback=_gfp_s_&client=ca-pub-6563866117884409 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 23:44:02 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2ccbef7dcf1b1d32956833f5127c1ad5
af220576c82f064130ee7bfa3ea966d033e51707
f6eceec81f5b6deb7005fa9f3855ecb54e4bd6b3159c705decf0921e3a49067d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d1925325e512c8be92578a182ae6f82
154f013b79c99a816c0ad8034ee6501abdc7b4bb
8651879751a40a558cf5245fb94971490ffa3575955f4c867d6b4e240651dea2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 30cde91e8dc52ed81a8f67fc64898fd1
9ab0e74d6bbb359ad859d47690e8bdae0ba3679d
46b748e5f84119625f38859dc3b0f1121ea9baf752b04bb2b76bf8ade5032b8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46B748E5F84119625F38859DC3B0F1121EA9BAF752B04BB2B76BF8ADE5032B8F"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 05:44:02 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 30cde91e8dc52ed81a8f67fc64898fd1
9ab0e74d6bbb359ad859d47690e8bdae0ba3679d
46b748e5f84119625f38859dc3b0f1121ea9baf752b04bb2b76bf8ade5032b8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46B748E5F84119625F38859DC3B0F1121EA9BAF752B04BB2B76BF8ADE5032B8F"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 08 Feb 2023 05:44:02 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d475ab6972ba5d6d5acaae62d05d9ea5
31760259a64728d8779d3267e9a5d6a2fd6362fa
ed200e5ffaff51be30f5b230afba76ef652dad7305848625d0021230af80f989
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED200E5FFAFF51BE30F5B230AFBA76EF652DAD7305848625D0021230AF80F989"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Wed, 08 Feb 2023 05:43:36 GMT
Date: Tue, 07 Feb 2023 23:44:02 GMT
Connection: keep-alive
chancellorharrowbelieving.com/6678481002c4a124562a346594565846/invoke.js
200 OK 9.3 kB URL HTTP/1.1 chancellorharrowbelieving.com/6678481002c4a124562a346594565846/invoke.js
IP
File type Unicode text, UTF-8 text, with very long lines (25096), with no line terminators
Hash 8f66d341e44775c76a10862ed78f2817
65f69eb03de602ca9cb0dd364cdd50fe32a76bc0
b69ac2c34b95b91bf257b8979c38911ff1edc74323c968ad2f2645ee684bacec
Analyzer Verdict Alert quad9 Sinkholed
GET /6678481002c4a124562a346594565846/invoke.js HTTP/1.1
Host: chancellorharrowbelieving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 23:44:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c15de42d213b5274430685dd0dceeaec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
chancellorharrowbelieving.com/d1/46/8d/d1468da720a64e8e2b17ae83903c3540.js
200 OK 13 kB URL HTTP/1.1 chancellorharrowbelieving.com/d1/46/8d/d1468da720a64e8e2b17ae83903c3540.js
IP
File type ASCII text, with very long lines (37122), with no line terminators
Hash 83e488443c2930d2f0ed2dbf793e9b12
7fee2ac954b707d22268fc40fc9ff7b256d7010d
bb5e6589d9cc270afc9f1d0b34ba9a32140454cf75248be9c04bf9bd45300b4a
Analyzer Verdict Alert quad9 Sinkholed
GET /d1/46/8d/d1468da720a64e8e2b17ae83903c3540.js HTTP/1.1
Host: chancellorharrowbelieving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 23:44:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9e439a48563781587b8eef8389028b4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
chancellorharrowbelieving.com/dd/91/4f/dd914f20462bc30d8e37d7b4eb23a40b.js
200 OK 21 kB URL HTTP/1.1 chancellorharrowbelieving.com/dd/91/4f/dd914f20462bc30d8e37d7b4eb23a40b.js
IP
File type HTML document, ASCII text, with very long lines (60177), with no line terminators
Hash 2d02fd5dada2e67322c88848f4b08aaa
8ea368ac9dbad2d422c2531d160f73b4391743f7
e6f845b4e7fbaca98fb1b976a4dc5f5a7c8be162459f4fdfe0fc1b9516e0b55d
Analyzer Verdict Alert quad9 Sinkholed
GET /dd/91/4f/dd914f20462bc30d8e37d7b4eb23a40b.js HTTP/1.1
Host: chancellorharrowbelieving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 23:44:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32670cc25adaba8f8b93712cebe6e160
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 162cf16c04c5e61dc5ded18807e1686d
82297027d3933d4324dbdcfadc09521c66d9e6b1
b2d018f4c0c6f21ef882829859ba49af6ccf5cc15f9cf3d13407905f301a0759
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142265
Date: Tue, 07 Feb 2023 23:44:03 GMT
Etag: "63e25293-1d7"
Expires: Thu, 09 Feb 2023 15:15:08 GMT
Last-Modified: Tue, 07 Feb 2023 13:30:59 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: krG0HnIHzNonDTFUVNIjSoXBcnrMPcuzd8rV9GAZD6jINiiOu9rFOg==
Age: 6249
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 988d39fa8bca31d2c2c0c84aec9cacdb
5c7ebec416a99e33a9cd420ea5d823301c97d5d2
0cc86f49c5cd927ae5078ee99f8d068a73d0f54f325192ae5a72f3fdc377f97b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kodeshaplicativos.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=0320fa9b-39eb-4a43-83d1-ff513530f3de:1:1; expires=Fri, 04 Feb 2033 23:44:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash a3dd6804d0d676e604c9fa06fd5068ee
e1733963c9e7822003d2139e239cecd7d8768c39
be7020a3abc76ba3a25e14c4dcb4bca0e41395e2ff972489726f7ff12f7604f7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kodeshaplicativos.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=f41147c1-9816-48be-9f57-e966eb287685:2:1; expires=Fri, 04 Feb 2033 23:44:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 302050dca5bfd95996772da482e2ba26
b4c59eddce50b57bd606de2909a3bf7cd87b3069
b08e6b18be6e4a84867355bbebb9df1ea27f00a30fe781ffa75d6992261fcbda
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kodeshaplicativos.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab:3:1; expires=Fri, 04 Feb 2033 23:44:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lBuTqdwGA6dyV7HDfFFZ_rFxkg8NoCY0KMgQyNjh8EhzOQF6f1O6GhbkFD5qhqjcsyxGxUl1tpE4JnvoGsxAIvtGAOhrTHmk7gynF6AGMqGlJg
200 OK 50 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lBuTqdwGA6dyV7HDfFFZ_rFxkg8NoCY0KMgQyNjh8EhzOQF6f1O6GhbkFD5qhqjcsyxGxUl1tpE4JnvoGsxAIvtGAOhrTHmk7gynF6AGMqGlJg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 0741281249acee7d50d778b148225505
9ecfe53f02aaf399f7a97eb098b1346435627efa
372635da73fe4f405f323cc9f6718c719858dd0dc1a51f446f6d6a676813af0d
GET /blogger_img_proxy/AHs97-lBuTqdwGA6dyV7HDfFFZ_rFxkg8NoCY0KMgQyNjh8EhzOQF6f1O6GhbkFD5qhqjcsyxGxUl1tpE4JnvoGsxAIvtGAOhrTHmk7gynF6AGMqGlJg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 50183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c41c722798f0e3638024f21a5a7a8d83
db3ccc45ee1b163a36affe20ac87fa33c5fd6146
2c47b9c17f99c9852ece1fdf54f4c6dc7b97fc61c663126a5136162560cfb399
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2C47B9C17F99C9852ECE1FDF54F4C6DC7B97FC61C663126A5136162560CFB399"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Wed, 08 Feb 2023 00:26:56 GMT
Date: Tue, 07 Feb 2023 23:44:03 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/AHs97-kczIH8g9bOC-1652zlA6hOOPEbX0o0aNXGSeh0Nx2phaXW_8vtoHTEMLE_clGVxEBYh7iwa48sA12A9hIS4lGUnUXU9nG29koKeZj_Sw3iLvFJWA
200 OK 40 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-kczIH8g9bOC-1652zlA6hOOPEbX0o0aNXGSeh0Nx2phaXW_8vtoHTEMLE_clGVxEBYh7iwa48sA12A9hIS4lGUnUXU9nG29koKeZj_Sw3iLvFJWA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash cbc06ff889a74abf689bb5a7f774df1c
a2b3c4d39c8f52455d77fa59bffd7f11c57c1c0c
739e551eef2c36c212f655ca8162b6db34ad387ce8a7b177eac7077538e816e2
GET /blogger_img_proxy/AHs97-kczIH8g9bOC-1652zlA6hOOPEbX0o0aNXGSeh0Nx2phaXW_8vtoHTEMLE_clGVxEBYh7iwa48sA12A9hIS4lGUnUXU9nG29koKeZj_Sw3iLvFJWA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 39544
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-mrPhJQ-oL30ImLbMye0r7S3c_RMQF10hnDcffcV-4qXHjTWsGpgD4_AX4U1KxF9kHHE7NWZI9A168SS2Yy_gm3G8BGbHZGAy-aMeztbA6tSwvXvw
200 OK 51 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-mrPhJQ-oL30ImLbMye0r7S3c_RMQF10hnDcffcV-4qXHjTWsGpgD4_AX4U1KxF9kHHE7NWZI9A168SS2Yy_gm3G8BGbHZGAy-aMeztbA6tSwvXvw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 057b47e688b5f5bffee408ca8b954e87
181a980b88a675b9dc03842ecb3ec794d8e5ba84
5e5aee11dee86998be786ceca2974f6b819192a01da14eff4e1c6ab13d3efc73
GET /blogger_img_proxy/AHs97-mrPhJQ-oL30ImLbMye0r7S3c_RMQF10hnDcffcV-4qXHjTWsGpgD4_AX4U1KxF9kHHE7NWZI9A168SS2Yy_gm3G8BGbHZGAy-aMeztbA6tSwvXvw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 51408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lLpzW9BnmgPvdbss4Xkpt1w4DMq1JpWdMvbrtONYxMt2OjX4EhAyuCX6qX8Hx3MYE4kct6qF34oCqmNICe4Qj-tMxWT01AW84vxCbaFXkNahnB
200 OK 56 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lLpzW9BnmgPvdbss4Xkpt1w4DMq1JpWdMvbrtONYxMt2OjX4EhAyuCX6qX8Hx3MYE4kct6qF34oCqmNICe4Qj-tMxWT01AW84vxCbaFXkNahnB
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 2f110a0e3040bb6f5d27190c1847e4fa
048fb12d99ba52b8b866d82b2dbb382e4f5ecc7e
be570c60fc82fd505fa5bde367f6cae5baead43c3f551332887af710bede8c4f
GET /blogger_img_proxy/AHs97-lLpzW9BnmgPvdbss4Xkpt1w4DMq1JpWdMvbrtONYxMt2OjX4EhAyuCX6qX8Hx3MYE4kct6qF34oCqmNICe4Qj-tMxWT01AW84vxCbaFXkNahnB HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 55689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-kCTuD44mKOJDxca_tsimLT_iC6o3uUjBBQBCKvF-TZeAF5_qHBRv1sHOO84SGKYkvMkjmZVQeVLc6KHeD3vaHJ_HgMpozTTzTHjRlGcq8DXi9TRg
200 OK 44 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-kCTuD44mKOJDxca_tsimLT_iC6o3uUjBBQBCKvF-TZeAF5_qHBRv1sHOO84SGKYkvMkjmZVQeVLc6KHeD3vaHJ_HgMpozTTzTHjRlGcq8DXi9TRg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 77510f673a1da29f93b16eeb5fef821b
f8943315c1d7442bbb32f10f1f4939bc81b1204b
3fa3fab7b78ab619bf494d56041433a44a88c1b604c1fdd031f86df95ba1ea62
GET /blogger_img_proxy/AHs97-kCTuD44mKOJDxca_tsimLT_iC6o3uUjBBQBCKvF-TZeAF5_qHBRv1sHOO84SGKYkvMkjmZVQeVLc6KHeD3vaHJ_HgMpozTTzTHjRlGcq8DXi9TRg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 44425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lK3cBk5N9PeAYAEGpVpHTZh7EufRi3-ZHcLHEuWbRFyDIZlcQeNr986HjtnosnoNsjyCXnJbb_ujj-swIzFJRkEbQcr5bsS0nrXvvjnytviWvjMg
200 OK 66 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lK3cBk5N9PeAYAEGpVpHTZh7EufRi3-ZHcLHEuWbRFyDIZlcQeNr986HjtnosnoNsjyCXnJbb_ujj-swIzFJRkEbQcr5bsS0nrXvvjnytviWvjMg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash fa430efcd81f617669800afae5f097b4
938e2d14661ae2df7e19cab6538ae835d9dbce78
d3fbe6d508a2ddfb55f8f25f69c6fce07368149d2ae4c6f6d30f187c34dbcdbc
GET /blogger_img_proxy/AHs97-lK3cBk5N9PeAYAEGpVpHTZh7EufRi3-ZHcLHEuWbRFyDIZlcQeNr986HjtnosnoNsjyCXnJbb_ujj-swIzFJRkEbQcr5bsS0nrXvvjnytviWvjMg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 65552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lDmIg1e-X7IRQRvvpbI_mcp8VBKhkp77UAVsSv7DrExiFpJqHU5_hHkNy0nnfPBDGK0aICaBtAbbgtXL356IMa40xqo8chlFZHCVVqoQ6doCYVmQ
200 OK 52 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lDmIg1e-X7IRQRvvpbI_mcp8VBKhkp77UAVsSv7DrExiFpJqHU5_hHkNy0nnfPBDGK0aICaBtAbbgtXL356IMa40xqo8chlFZHCVVqoQ6doCYVmQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 080bf9a11fc08448b3f2526ee1d9fe02
36e81a2752cab679c78b3476895985c882edd5f1
6dba3c0be1199931469f9a1c440a8f7e5b7dc9c9aebb5fdad64a990b9d31f67d
GET /blogger_img_proxy/AHs97-lDmIg1e-X7IRQRvvpbI_mcp8VBKhkp77UAVsSv7DrExiFpJqHU5_hHkNy0nnfPBDGK0aICaBtAbbgtXL356IMa40xqo8chlFZHCVVqoQ6doCYVmQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 51771
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fe8a46e4fe7c971a068b163b275e25a
5ca9fb282e652f18298c755e61c5e38665ddc7b1
c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEivLHxzfHQcx03fWoxwyrYWrTG2tAHfgSjMGPu2m9q0ZPu3esHKAonwGamtPgkUCS8VQKCDXnYmkYT0NQDvZ7MZlAQ-DwGarvjxwwrPIfP1TMiuqaC5B1bK2mvj3bE4jQxxEl_5QzESTmd4saz-qMPSP6PtO2sy41R0gnESsitkKlB6f7OAouMLDJMowA=s512
200 OK 108 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEivLHxzfHQcx03fWoxwyrYWrTG2tAHfgSjMGPu2m9q0ZPu3esHKAonwGamtPgkUCS8VQKCDXnYmkYT0NQDvZ7MZlAQ-DwGarvjxwwrPIfP1TMiuqaC5B1bK2mvj3bE4jQxxEl_5QzESTmd4saz-qMPSP6PtO2sy41R0gnESsitkKlB6f7OAouMLDJMowA=s512
IP
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108389 bytes)
Hash 0d781d19d3ba8ee5a507cdc7d884a1a6
f7efb5493bb7c16c216f3ad11b6c0af58cf9f033
d72c9ddf8c2a51c64cc4f1baa84d9ea0d1412812cf95ab1b6467a38ee8b39900
GET /img/a/AVvXsEivLHxzfHQcx03fWoxwyrYWrTG2tAHfgSjMGPu2m9q0ZPu3esHKAonwGamtPgkUCS8VQKCDXnYmkYT0NQDvZ7MZlAQ-DwGarvjxwwrPIfP1TMiuqaC5B1bK2mvj3bE4jQxxEl_5QzESTmd4saz-qMPSP6PtO2sy41R0gnESsitkKlB6f7OAouMLDJMowA=s512 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v391"
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="20220716_142303.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 108389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lfHF7XYQ2oAJu5b6tJjW-c19dp6dQaQqX2jrXmDvdCU3a7cB6tQ59A8BObi8rRa8blx4kE3Abh6reYhLrMBkMXDF_23-9S7z48REEDS6ZAmZZGBA
200 OK 40 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lfHF7XYQ2oAJu5b6tJjW-c19dp6dQaQqX2jrXmDvdCU3a7cB6tQ59A8BObi8rRa8blx4kE3Abh6reYhLrMBkMXDF_23-9S7z48REEDS6ZAmZZGBA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8fb849cd2a896ab2e9ed41364c16a10c
e883ed39cc32cdab0d557b84d468f0438611477a
ba4ee5e4cfa82a3108e90bcd32124fe3af042f743d2d2fa91ff2b1a440d49cce
GET /blogger_img_proxy/AHs97-lfHF7XYQ2oAJu5b6tJjW-c19dp6dQaQqX2jrXmDvdCU3a7cB6tQ59A8BObi8rRa8blx4kE3Abh6reYhLrMBkMXDF_23-9S7z48REEDS6ZAmZZGBA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 40120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEjh8O_8_hQY0ez0jRuk4-_LyQhYtpcIG1ypBkikjLa9L3MAaHRNIAzwcIqffjq0skkdxmvgzoE2FH1VnkW2rEdYRWBXGid1QEKE581k7tfYWb6hL19YgL-e3GPJoqX-3zCE9wMkADlT7d0jBTvOR46MUMph-_Hl7NZPlDZjpc2KniFBhTEluksTQaiDlQ=s150
200 OK 1.3 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjh8O_8_hQY0ez0jRuk4-_LyQhYtpcIG1ypBkikjLa9L3MAaHRNIAzwcIqffjq0skkdxmvgzoE2FH1VnkW2rEdYRWBXGid1QEKE581k7tfYWb6hL19YgL-e3GPJoqX-3zCE9wMkADlT7d0jBTvOR46MUMph-_Hl7NZPlDZjpc2KniFBhTEluksTQaiDlQ=s150
IP
File type PNG image data, 150 x 96, 8-bit colormap, non-interlaced\012- data
Hash 58cb7c361865a3f739fce7d4d28022c8
91cd91021b4a68b3aff64c06e68804e90bd2c171
e79a55bc12f208b164dfe65e2a2a78138f70ca2875147862737aa2bb9a3a3989
GET /img/a/AVvXsEjh8O_8_hQY0ez0jRuk4-_LyQhYtpcIG1ypBkikjLa9L3MAaHRNIAzwcIqffjq0skkdxmvgzoE2FH1VnkW2rEdYRWBXGid1QEKE581k7tfYWb6hL19YgL-e3GPJoqX-3zCE9wMkADlT7d0jBTvOR46MUMph-_Hl7NZPlDZjpc2KniFBhTEluksTQaiDlQ=s150 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3af"
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="doar.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 1308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c41c722798f0e3638024f21a5a7a8d83
db3ccc45ee1b163a36affe20ac87fa33c5fd6146
2c47b9c17f99c9852ece1fdf54f4c6dc7b97fc61c663126a5136162560cfb399
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "2C47B9C17F99C9852ECE1FDF54F4C6DC7B97FC61C663126A5136162560CFB399"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2573
Expires: Wed, 08 Feb 2023 00:26:56 GMT
Date: Tue, 07 Feb 2023 23:44:03 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/AHs97-maj-cNDdUsLWBBvwh3k77OwXyhCs1X-EWiKN0Ktd18B-PfbNq7-MUQgtfHiQdNRjBkohRFAXtF8lQr7emawAoX_3Oftc1nKgLd9OsQpGlK0_P2sFLra0YDHGgE9JB5f5DVyg=w80-h65-p-k-no-nu
200 OK 3.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-maj-cNDdUsLWBBvwh3k77OwXyhCs1X-EWiKN0Ktd18B-PfbNq7-MUQgtfHiQdNRjBkohRFAXtF8lQr7emawAoX_3Oftc1nKgLd9OsQpGlK0_P2sFLra0YDHGgE9JB5f5DVyg=w80-h65-p-k-no-nu
IP
File type PNG image data, 80 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash 9b5b10d1b00b5f576da9b82e171c18b9
c9626dd0e1856aef0bb61bac9705c2a876071f39
3b8895935359c503b8609c8aaaaaa361726f1b8bd033a91e18790da9e70ea528
GET /blogger_img_proxy/AHs97-maj-cNDdUsLWBBvwh3k77OwXyhCs1X-EWiKN0Ktd18B-PfbNq7-MUQgtfHiQdNRjBkohRFAXtF8lQr7emawAoX_3Oftc1nKgLd9OsQpGlK0_P2sFLra0YDHGgE9JB5f5DVyg=w80-h65-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 08 Feb 2023 23:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:03 GMT
server: fife
content-length: 3054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c8a60d2e9bb5cc9a328519949d8bbf5d
eb60f19562f9872ab24df100d654059de43c9851
91a92e8489760409fa5ce0fe9a82f3265a1e7eefc3aa3304dc935cce272f8b86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91A92E8489760409FA5CE0FE9A82F3265A1E7EEFC3AA3304DC935CCE272F8B86"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11158
Expires: Wed, 08 Feb 2023 02:50:01 GMT
Date: Tue, 07 Feb 2023 23:44:03 GMT
Connection: keep-alive
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
200 OK 3.3 kB URL HTTP/2 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators
Hash 6d7bb7015220b196be10200b51cb49b6
079421d16fa034fa1b6f64999e023fcccc019d0d
3c19b5ab814f1f882c789af592e19970d79073e0e5d065bdfb10f8876205c7f2
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 13:31:20 GMT
expires: Wed, 07 Feb 2024 13:31:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
age: 36763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f07f01dee9a15a595397f14d67224bf6
482f2722027543ecca1ddc1c1b0ee1b92c341247
6a55e84a232bbfcd0ed26218b4a7fdb70ef1735771261f84cb828b1772b9a4ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A55E84A232BBFCD0ED26218B4A7FDB70EF1735771261F84CB828B1772B9A4CA"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3421
Expires: Wed, 08 Feb 2023 00:41:04 GMT
Date: Tue, 07 Feb 2023 23:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd323d791dcb256ff08d90c5001ccada
380b8b726dfbe5ca828512ce4f73ea2d3cb2ed9a
d9d54aad7f3a2eebbef4ae07fce2c11f4f750d8faf6613e5b5ec7540b4d478b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D54AAD7F3A2EEBBEF4AE07FCE2C11F4F750D8FAF6613E5B5EC7540B4D478B7"
Last-Modified: Tue, 07 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4390
Expires: Wed, 08 Feb 2023 00:57:13 GMT
Date: Tue, 07 Feb 2023 23:44:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 07 Feb 2023 23:44:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
helpedhandwritingintestine.com/pixel/purst?dl=0&th=0&sc=0&rs=2968&rd=2968&fd=980&bv=22.10.v.9&tmpl=70
200 OK 0 B URL HTTP/1.1 helpedhandwritingintestine.com/pixel/purst?dl=0&th=0&sc=0&rs=2968&rd=2968&fd=980&bv=22.10.v.9&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2968&rd=2968&fd=980&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: helpedhandwritingintestine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 23:44:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 23:44:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a335393c0046d6263d46d97597b146f1
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 63fc6ded785ff0670bd176adb0865bce
7433185db76630b0b850db7db539fd1844f2cee9
3d7683e1b6bd83a6a5b5a4aa7dc99e2df7258a1bed8d38aba8b3d2c0c23705bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3D7683E1B6BD83A6A5B5A4AA7DC99E2DF7258A1BED8D38ABA8B3D2C0C23705BC"
Last-Modified: Mon, 06 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9911
Expires: Wed, 08 Feb 2023 02:29:14 GMT
Date: Tue, 07 Feb 2023 23:44:03 GMT
Connection: keep-alive
castcloudywhereby.com/ntv.json?key=6678481002c4a124562a346594565846&vstc=4
200 OK 17 kB URL HTTP/1.1 castcloudywhereby.com/ntv.json?key=6678481002c4a124562a346594565846&vstc=4
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (17336), with no line terminators
Hash 279df2805c9a8e48bbc3d20961ff26fe
8b92a342bf45da8807bb1e6cb0886097414f8eca
fcd7e0aa1e4c9db82ca5a133816bc727deeaef91427a08dda8dc442c2db6163f
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=6678481002c4a124562a346594565846&vstc=4 HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:03 GMT
Content-Type: application/json
Content-Length: 17336
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kodeshaplicativos.blogspot.com
Access-Control-Allow-Origin: https://kodeshaplicativos.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17828419; expires=Wed, 08 Feb 2023 23:44:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 23:44:03 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 23:44:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 08 Feb 2023 23:44:03 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 08 Feb 2023 23:44:03 GMT; secure; SameSite=None
nlec6678481002c4a124562a346594565846=[2229333,2229329,2229337,2019380]; expires=Tue, 07 Feb 2023 23:44:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e12afa7f94f4bde459639d53c1b11ae
Strict-Transport-Security: max-age=0; includeSubdomains
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqdPb0m0ZE7j_96Evy2ot2UhGXiOz9h1ZTIoh7v5gcrOU89hODqZqbF3YDw3I_zG1hvkEfOo2F4w6q_vjIslXRatMoABgmsEN6HARxKHQC6TP7RUMiZp7eqYkCEp-SfETIuwylrw8L2DQzvas_hvX-meWqSPQP9XqslK0vAZ22LpDm_C75YhnkVg7q/w80-h65-p-k-no-nu/XRecorder_18012023_182309.jpg
200 OK 3.3 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqdPb0m0ZE7j_96Evy2ot2UhGXiOz9h1ZTIoh7v5gcrOU89hODqZqbF3YDw3I_zG1hvkEfOo2F4w6q_vjIslXRatMoABgmsEN6HARxKHQC6TP7RUMiZp7eqYkCEp-SfETIuwylrw8L2DQzvas_hvX-meWqSPQP9XqslK0vAZ22LpDm_C75YhnkVg7q/w80-h65-p-k-no-nu/XRecorder_18012023_182309.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x65, components 3\012- data
Hash efe701655b615bb07a12bf49127cbcd9
c5b65cfd1bfb7f7600d3b071594459f5042b8864
bc48b7f67c0ca04bb7ab8c99926c5d159ef10e5c2d6e19374037171a84c61bf6
GET /img/b/R29vZ2xl/AVvXsEhqdPb0m0ZE7j_96Evy2ot2UhGXiOz9h1ZTIoh7v5gcrOU89hODqZqbF3YDw3I_zG1hvkEfOo2F4w6q_vjIslXRatMoABgmsEN6HARxKHQC6TP7RUMiZp7eqYkCEp-SfETIuwylrw8L2DQzvas_hvX-meWqSPQP9XqslK0vAZ22LpDm_C75YhnkVg7q/w80-h65-p-k-no-nu/XRecorder_18012023_182309.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v111"
expires: Wed, 08 Feb 2023 23:44:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="XRecorder_18012023_182309.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 23:44:04 GMT
server: fife
content-length: 3283
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-lB3-lM3t7ECRLI_Gqj7guCYNfdlX21JnpqxrJXr2eMaOBzDQ1xBdags4KMLTloXZ50bmRGzsiJqJhPukNJ6CRUGo7MlH7F7LpAxqxbKoe1LAJgigzXp7_WpJoiGhDSH-KQLw=w80-h65-p-k-no-nu
200 OK 7.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-lB3-lM3t7ECRLI_Gqj7guCYNfdlX21JnpqxrJXr2eMaOBzDQ1xBdags4KMLTloXZ50bmRGzsiJqJhPukNJ6CRUGo7MlH7F7LpAxqxbKoe1LAJgigzXp7_WpJoiGhDSH-KQLw=w80-h65-p-k-no-nu
IP
File type PNG image data, 80 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash e74c2a048fd170f6fe2d3d7e533c6bd7
eee386568246f44ed184a0d4faa26f05417e40ab
57cb8b06e56c4a6e9e40b7dfafb6209dad534496549d584586cd6e93f396f2b1
GET /blogger_img_proxy/AHs97-lB3-lM3t7ECRLI_Gqj7guCYNfdlX21JnpqxrJXr2eMaOBzDQ1xBdags4KMLTloXZ50bmRGzsiJqJhPukNJ6CRUGo7MlH7F7LpAxqxbKoe1LAJgigzXp7_WpJoiGhDSH-KQLw=w80-h65-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Tue, 07 Feb 2023 23:44:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 7778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
castcloudywhereby.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzo4g8bL%2BuHjRQRAUZNI90z2ZcZHFZI0E1yT7i%2BCxuqp6Uk5NV1vVPT3JKbgge5yDB%2FXU%2BSbZoC7i%2FgGKTARZguDOZcnBHBY8CV4E8Sg9OzDug3o%2F6nuH73vvfXaQnRMXGT3b%2BlDvSaXoUlBzq29sy5jr3FY3blY9t%2BZeqm7LuOlfqg5KZ%2Fpve25Qc9%2Bsvi9YVy%2FVXc91PderrkkjIj1YmqKQyb22V2u7Nb9e8wIfA%2FN0bTMHljrg%2FXPyAiSfPLPz4D4kGyPufX9F2G6qk7fe62WKptqgz49vxd1Y5zF68zQyDqL4eNYNbSeEfLEAHR%2FPFED3D0sFCOWEOI88hPHxjCbC%2FtETpqGCiBHy55D3xxBqDEnHYPo2JH9IAMaxsYm4d3dDm5zuPkFpiU5I5Z%2B%2FIfMJqfz%2BEuLedytKDqo3tMpSqWOLQVRADsaQnTGS7ATpngOZn4Cln0JygrhXQPJiqlrKMWQ0hhJDUOsgK590kEUOssRBj59VadCOXHc5CqNGo%2BUzxhoNxoJWkwe84bciFxkraQ2RJkMwNQQz%2B0jMPrpyCJP9BLtTwHIHNp0Q59o%2B%2BrxALghyS5BTglwS5ClB3i%2BOuLJ1W9zlymahN4v1WWwUI512DuiRTjsiJgfJOXm%2BnIdzcXEVXXFWbTaXW37Lc90686lX94NmnTb8ZtD2g2bQ8puwsoC0C1Ope3JCXl34E4mckGf%2F%2BAQhPYFVJ2DyAmjmgeaj5boLujPyWy724h%2B7mgu7QxMlGU1lX9taqHTHJjqtMd0D1wWStIJ01zlQ5%2BTl6aZeq9yCYKeXf1l8Jxk9WgQzBRJT4GP5M0FH3Rld1zk5vK5zS%2B5vJqnsyT1abvFGSlNx4ZsPxG6uDV%2B%2FYodfv8tKoEzv3RQ2vUpjLuOOJd%2BuSM6FWdOGCfLDut0W4VZmd1YyE2fJ1a3VtfVeYoS1UsdjUPlw818wOSGV11%2Bc3ufFX%2F%2BCNGOYrEAvOyUzg9QnYMk%2BbDJnbzWBUfOeMHGQZ8XI1MP5p5IESsxrGhaw%2F6vDeX5g76BjKqDp7elV9k2BvipA1RA2WxyliTm9%2FODL0r5CqCqjUJnKYaiM%2Bnw62tJdK91HE%2FLKbz6sPKuKIHIj4dZFGLXDaJm6vB357ZC2PbEcBtRDaifs8ePV%2FwAAAP%2F%2FAQAA%2F%2F%2Bt1JEehgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzo4g8bL%2BuHjRQRAUZNI90z2ZcZHFZI0E1yT7i%2BCxuqp6Uk5NV1vVPT3JKbgge5yDB%2FXU%2BSbZoC7i%2FgGKTARZguDOZcnBHBY8CV4E8Sg9OzDug3o%2F6nuH73vvfXaQnRMXGT3b%2BlDvSaXoUlBzq29sy5jr3FY3blY9t%2BZeqm7LuOlfqg5KZ%2Fpve25Qc9%2Bsvi9YVy%2FVXc91PderrkkjIj1YmqKQyb22V2u7Nb9e8wIfA%2FN0bTMHljrg%2FXPyAiSfPLPz4D4kGyPufX9F2G6qk7fe62WKptqgz49vxd1Y5zF68zQyDqL4eNYNbSeEfLEAHR%2FPFED3D0sFCOWEOI88hPHxjCbC%2FtETpqGCiBHy55D3xxBqDEnHYPo2JH9IAMaxsYm4d3dDm5zuPkFpiU5I5Z%2B%2FIfMJqfz%2BEuLedytKDqo3tMpSqWOLQVRADsaQnTGS7ATpngOZn4Cln0JygrhXQPJiqlrKMWQ0hhJDUOsgK590kEUOssRBj59VadCOXHc5CqNGo%2BUzxhoNxoJWkwe84bciFxkraQ2RJkMwNQQz%2B0jMPrpyCJP9BLtTwHIHNp0Q59o%2B%2BrxALghyS5BTglwS5ClB3i%2BOuLJ1W9zlymahN4v1WWwUI512DuiRTjsiJgfJOXm%2BnIdzcXEVXXFWbTaXW37Lc90686lX94NmnTb8ZtD2g2bQ8puwsoC0C1Ope3JCXl34E4mckGf%2F%2BAQhPYFVJ2DyAmjmgeaj5boLujPyWy724h%2B7mgu7QxMlGU1lX9taqHTHJjqtMd0D1wWStIJ01zlQ5%2BTl6aZeq9yCYKeXf1l8Jxk9WgQzBRJT4GP5M0FH3Rld1zk5vK5zS%2B5vJqnsyT1abvFGSlNx4ZsPxG6uDV%2B%2FYodfv8tKoEzv3RQ2vUpjLuOOJd%2BuSM6FWdOGCfLDut0W4VZmd1YyE2fJ1a3VtfVeYoS1UsdjUPlw818wOSGV11%2Bc3ufFX%2F%2BCNGOYrEAvOyUzg9QnYMk%2BbDJnbzWBUfOeMHGQZ8XI1MP5p5IESsxrGhaw%2F6vDeX5g76BjKqDp7elV9k2BvipA1RA2WxyliTm9%2FODL0r5CqCqjUJnKYaiM%2Bnw62tJdK91HE%2FLKbz6sPKuKIHIj4dZFGLXDaJm6vB357ZC2PbEcBtRDaifs8ePV%2FwAAAP%2F%2FAQAA%2F%2F%2Bt1JEehgQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzo4g8bL%2BuHjRQRAUZNI90z2ZcZHFZI0E1yT7i%2BCxuqp6Uk5NV1vVPT3JKbgge5yDB%2FXU%2BSbZoC7i%2FgGKTARZguDOZcnBHBY8CV4E8Sg9OzDug3o%2F6nuH73vvfXaQnRMXGT3b%2BlDvSaXoUlBzq29sy5jr3FY3blY9t%2BZeqm7LuOlfqg5KZ%2Fpve25Qc9%2Bsvi9YVy%2FVXc91PderrkkjIj1YmqKQyb22V2u7Nb9e8wIfA%2FN0bTMHljrg%2FXPyAiSfPLPz4D4kGyPufX9F2G6qk7fe62WKptqgz49vxd1Y5zF68zQyDqL4eNYNbSeEfLEAHR%2FPFED3D0sFCOWEOI88hPHxjCbC%2FtETpqGCiBHy55D3xxBqDEnHYPo2JH9IAMaxsYm4d3dDm5zuPkFpiU5I5Z%2B%2FIfMJqfz%2BEuLedytKDqo3tMpSqWOLQVRADsaQnTGS7ATpngOZn4Cln0JygrhXQPJiqlrKMWQ0hhJDUOsgK590kEUOssRBj59VadCOXHc5CqNGo%2BUzxhoNxoJWkwe84bciFxkraQ2RJkMwNQQz%2B0jMPrpyCJP9BLtTwHIHNp0Q59o%2B%2BrxALghyS5BTglwS5ClB3i%2BOuLJ1W9zlymahN4v1WWwUI512DuiRTjsiJgfJOXm%2BnIdzcXEVXXFWbTaXW37Lc90686lX94NmnTb8ZtD2g2bQ8puwsoC0C1Ope3JCXl34E4mckGf%2F%2BAQhPYFVJ2DyAmjmgeaj5boLujPyWy724h%2B7mgu7QxMlGU1lX9taqHTHJjqtMd0D1wWStIJ01zlQ5%2BTl6aZeq9yCYKeXf1l8Jxk9WgQzBRJT4GP5M0FH3Rld1zk5vK5zS%2B5vJqnsyT1abvFGSlNx4ZsPxG6uDV%2B%2FYodfv8tKoEzv3RQ2vUpjLuOOJd%2BuSM6FWdOGCfLDut0W4VZmd1YyE2fJ1a3VtfVeYoS1UsdjUPlw818wOSGV11%2Bc3ufFX%2F%2BCNGOYrEAvOyUzg9QnYMk%2BbDJnbzWBUfOeMHGQZ8XI1MP5p5IESsxrGhaw%2F6vDeX5g76BjKqDp7elV9k2BvipA1RA2WxyliTm9%2FODL0r5CqCqjUJnKYaiM%2Bnw62tJdK91HE%2FLKbz6sPKuKIHIj4dZFGLXDaJm6vB357ZC2PbEcBtRDaifs8ePV%2FwAAAP%2F%2FAQAA%2F%2F%2Bt1JEehgQAAA%3D%3D HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32a22a6fb32d337dbed475335057275f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c5cd500f3412d0bb91099f1046874e6
8e2a5b67289ca10a9b5a7f1dcc200d4ee1a748e9
af33d47f4cac0f71eedcdc9ea9f1bf5b71b4b2b8284c5e8a7a73f2aba2373d8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF33D47F4CAC0F71EEDCDC9EA9F1BF5B71B4B2B8284C5E8A7A73F2ABA2373D8C"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19610
Expires: Wed, 08 Feb 2023 05:10:54 GMT
Date: Tue, 07 Feb 2023 23:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c5cd500f3412d0bb91099f1046874e6
8e2a5b67289ca10a9b5a7f1dcc200d4ee1a748e9
af33d47f4cac0f71eedcdc9ea9f1bf5b71b4b2b8284c5e8a7a73f2aba2373d8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF33D47F4CAC0F71EEDCDC9EA9F1BF5B71B4B2B8284C5E8A7A73F2ABA2373D8C"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19610
Expires: Wed, 08 Feb 2023 05:10:54 GMT
Date: Tue, 07 Feb 2023 23:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c5cd500f3412d0bb91099f1046874e6
8e2a5b67289ca10a9b5a7f1dcc200d4ee1a748e9
af33d47f4cac0f71eedcdc9ea9f1bf5b71b4b2b8284c5e8a7a73f2aba2373d8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF33D47F4CAC0F71EEDCDC9EA9F1BF5B71B4B2B8284C5E8A7A73F2ABA2373D8C"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19610
Expires: Wed, 08 Feb 2023 05:10:54 GMT
Date: Tue, 07 Feb 2023 23:44:04 GMT
Connection: keep-alive
pistolsizehoe.com/sbar.json?key=d1468da720a64e8e2b17ae83903c3540&uuid=f41147c1-9816-48be-9f57-e966eb287685%3A2%3A1
200 OK 4.3 kB URL HTTP/1.1 pistolsizehoe.com/sbar.json?key=d1468da720a64e8e2b17ae83903c3540&uuid=f41147c1-9816-48be-9f57-e966eb287685%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6337), with no line terminators
Hash 5c2428ccf5bd0b9e7a8ebd485d0246b3
cefe3cdc2237d7d72a74bec97bee8371a37006c6
6fd82ee3225797e9dba935ef37507a40d6935033e884faea3954206804f7cd03
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=d1468da720a64e8e2b17ae83903c3540&uuid=f41147c1-9816-48be-9f57-e966eb287685%3A2%3A1 HTTP/1.1
Host: pistolsizehoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kodeshaplicativos.blogspot.com
Access-Control-Allow-Origin: https://kodeshaplicativos.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17828521; expires=Wed, 08 Feb 2023 23:44:04 GMT; secure; SameSite=None
uid_id2=f41147c1-9816-48be-9f57-e966eb287685:2:1; expires=Tue, 14 Feb 2023 23:44:04 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 23:44:04 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 23:44:04 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 08 Feb 2023 23:44:04 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 08 Feb 2023 23:44:04 GMT; secure; SameSite=None
slecd1468da720a64e8e2b17ae83903c3540=[3905509]; expires=Tue, 07 Feb 2023 23:44:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c772c4af79708dd3db62aac7ef8c035
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Thu, 09 Feb 2023 23:44:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Thu, 09 Feb 2023 23:44:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Thu, 09 Feb 2023 23:44:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Thu, 09 Feb 2023 23:44:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
castcloudywhereby.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fLPmB%2BHURRAdBUZHZ7pnuyYyLLCZrJLgm2S%2BCx%2Bqq6kk5NV1tVff0JKfgguxxDh7UU%2BeZZINrEPcPUGQiyJKLmcuSgzkseBCPgniUngxEX6j3o5738Dzv%2B362k50SFxk9WftQb0ml6OWg5lZfX5cx17mtrtyuem7NvVJdl3HTv1IdlM703%2FbcoOa%2BUX1fsK6%2BXHc91%2FVcr7okjYj04PIUhUwO2l6t7db8es0LfAzMf2ubObDUAe%2Bfkmch%2BeR%2FG48eQrIx4t5314Ttpjp5671epmiqDfp8%2F07cjXUeo3eeRsZBFO%2FPuqHthJAvLkDH%2BzMF0P3dUgFCOSHOYw9hvD%2BjibC%2Fd8Y0VBAxQv5%2F5P0xhBpD0jGYvgvJjwnAOFZWEffur2iT080zlJbohFT%2B%2BhMyn5DKr88j7n27oOSgekurLJU6thhEBeRgDNkZI8kOkW45kPkhWPopJCeIewUkL6aqpRxDRmMoMQS1DrLySQdZ5CBLHPT4SZUG7ch156MwajRaPmOs0WAsaDV5wBt%2BK3KRsZLWEGkyBFNDMLONxGyjK4cw2Y%2BwGwUsd2DTCXFubKPPC%2BSCILcEOSXIJUGeEuT9Yo8rW7fFfa5sFnqzWJ%2FFRjHSaWeH7um0I2Kyk5ySZ8p5OE%2FPLaIrTqrN5nzLb3muW2c%2B9ep%2B0KzTht8M2n7QDFp%2BE1YWkPbCVOqWnJCXL%2FyBRE7Ipd8%2BQUgPYdUhmLwImnmg%2BWi%2B7oJujPyWi634h67mwm7QRElGU9nXthYq3bGJTmtM98B1gSStIN10dtQpeWG6qZd%2B8SHY0dWf595JRo%2FnwEyBxBT4WP5E0FH3Rjd1TnZv6tySh6tJKntyi5ZbvJXSVFx88IHYzLXhy9fs8Ot3WQmU6cFtYdPrNOYy7ljyzYLkXJglbZgg3y%2FbdRGuZXZjITNxllxfW1xa7iVGWCt1PAaVx6t%2Fg8kJqbz63PQ%2Bnzp%2BE9KMYbICveyIzAxSH4Il27DJ0dUHLx5c8l77HVYTGHXeEyYV5FkxMvXw%2FFNJAiXOaxoWsP%2Bqw%2FN8x95Dx1RA07vTq%2BybAn1VgKohbDY3ShNzdPXRl6V9hVBVRqEyld1QGfX5hLxSuVO6G6X76GzSVp5URRC5kXDrIozaYTRPXd6O%2FHZI256YDwPqIbUT9uTJ4j8AAAD%2F%2FwEAAP%2F%2F4unTgYYEAAA%3D
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fLPmB%2BHURRAdBUZHZ7pnuyYyLLCZrJLgm2S%2BCx%2Bqq6kk5NV1tVff0JKfgguxxDh7UU%2BeZZINrEPcPUGQiyJKLmcuSgzkseBCPgniUngxEX6j3o5738Dzv%2B362k50SFxk9WftQb0ml6OWg5lZfX5cx17mtrtyuem7NvVJdl3HTv1IdlM703%2FbcoOa%2BUX1fsK6%2BXHc91%2FVcr7okjYj04PIUhUwO2l6t7db8es0LfAzMf2ubObDUAe%2Bfkmch%2BeR%2FG48eQrIx4t5314Ttpjp5671epmiqDfp8%2F07cjXUeo3eeRsZBFO%2FPuqHthJAvLkDH%2BzMF0P3dUgFCOSHOYw9hvD%2BjibC%2Fd8Y0VBAxQv5%2F5P0xhBpD0jGYvgvJjwnAOFZWEffur2iT080zlJbohFT%2B%2BhMyn5DKr88j7n27oOSgekurLJU6thhEBeRgDNkZI8kOkW45kPkhWPopJCeIewUkL6aqpRxDRmMoMQS1DrLySQdZ5CBLHPT4SZUG7ch156MwajRaPmOs0WAsaDV5wBt%2BK3KRsZLWEGkyBFNDMLONxGyjK4cw2Y%2BwGwUsd2DTCXFubKPPC%2BSCILcEOSXIJUGeEuT9Yo8rW7fFfa5sFnqzWJ%2FFRjHSaWeH7um0I2Kyk5ySZ8p5OE%2FPLaIrTqrN5nzLb3muW2c%2B9ep%2B0KzTht8M2n7QDFp%2BE1YWkPbCVOqWnJCXL%2FyBRE7Ipd8%2BQUgPYdUhmLwImnmg%2BWi%2B7oJujPyWi634h67mwm7QRElGU9nXthYq3bGJTmtM98B1gSStIN10dtQpeWG6qZd%2B8SHY0dWf595JRo%2FnwEyBxBT4WP5E0FH3Rjd1TnZv6tySh6tJKntyi5ZbvJXSVFx88IHYzLXhy9fs8Ot3WQmU6cFtYdPrNOYy7ljyzYLkXJglbZgg3y%2FbdRGuZXZjITNxllxfW1xa7iVGWCt1PAaVx6t%2Fg8kJqbz63PQ%2Bnzp%2BE9KMYbICveyIzAxSH4Il27DJ0dUHLx5c8l77HVYTGHXeEyYV5FkxMvXw%2FFNJAiXOaxoWsP%2Bqw%2FN8x95Dx1RA07vTq%2BybAn1VgKohbDY3ShNzdPXRl6V9hVBVRqEyld1QGfX5hLxSuVO6G6X76GzSVp5URRC5kXDrIozaYTRPXd6O%2FHZI256YDwPqIbUT9uTJ4j8AAAD%2F%2FwEAAP%2F%2F4unTgYYEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fLPmB%2BHURRAdBUZHZ7pnuyYyLLCZrJLgm2S%2BCx%2Bqq6kk5NV1tVff0JKfgguxxDh7UU%2BeZZINrEPcPUGQiyJKLmcuSgzkseBCPgniUngxEX6j3o5738Dzv%2B362k50SFxk9WftQb0ml6OWg5lZfX5cx17mtrtyuem7NvVJdl3HTv1IdlM703%2FbcoOa%2BUX1fsK6%2BXHc91%2FVcr7okjYj04PIUhUwO2l6t7db8es0LfAzMf2ubObDUAe%2Bfkmch%2BeR%2FG48eQrIx4t5314Ttpjp5671epmiqDfp8%2F07cjXUeo3eeRsZBFO%2FPuqHthJAvLkDH%2BzMF0P3dUgFCOSHOYw9hvD%2BjibC%2Fd8Y0VBAxQv5%2F5P0xhBpD0jGYvgvJjwnAOFZWEffur2iT080zlJbohFT%2B%2BhMyn5DKr88j7n27oOSgekurLJU6thhEBeRgDNkZI8kOkW45kPkhWPopJCeIewUkL6aqpRxDRmMoMQS1DrLySQdZ5CBLHPT4SZUG7ch156MwajRaPmOs0WAsaDV5wBt%2BK3KRsZLWEGkyBFNDMLONxGyjK4cw2Y%2BwGwUsd2DTCXFubKPPC%2BSCILcEOSXIJUGeEuT9Yo8rW7fFfa5sFnqzWJ%2FFRjHSaWeH7um0I2Kyk5ySZ8p5OE%2FPLaIrTqrN5nzLb3muW2c%2B9ep%2B0KzTht8M2n7QDFp%2BE1YWkPbCVOqWnJCXL%2FyBRE7Ipd8%2BQUgPYdUhmLwImnmg%2BWi%2B7oJujPyWi634h67mwm7QRElGU9nXthYq3bGJTmtM98B1gSStIN10dtQpeWG6qZd%2B8SHY0dWf595JRo%2FnwEyBxBT4WP5E0FH3Rjd1TnZv6tySh6tJKntyi5ZbvJXSVFx88IHYzLXhy9fs8Ot3WQmU6cFtYdPrNOYy7ljyzYLkXJglbZgg3y%2FbdRGuZXZjITNxllxfW1xa7iVGWCt1PAaVx6t%2Fg8kJqbz63PQ%2Bnzp%2BE9KMYbICveyIzAxSH4Il27DJ0dUHLx5c8l77HVYTGHXeEyYV5FkxMvXw%2FFNJAiXOaxoWsP%2Bqw%2FN8x95Dx1RA07vTq%2BybAn1VgKohbDY3ShNzdPXRl6V9hVBVRqEyld1QGfX5hLxSuVO6G6X76GzSVp5URRC5kXDrIozaYTRPXd6O%2FHZI256YDwPqIbUT9uTJ4j8AAAD%2F%2FwEAAP%2F%2F4unTgYYEAAA%3D HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15ea7471a849e639d38aeb9fa2363ebf
Strict-Transport-Security: max-age=0; includeSubdomains
friendshipmale.com/sfp.js
200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash cd34b0772b5d1874b0c82c61f7dbf6fd
971ea49db3aeee40e4fa9fa2269f9bf757d5f91f
e2e92efd4ad3155a346b44e076791724dfe57faf80f0e8fe7cc44deeabee3019
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: cd441f4aea67dd7195b94c2efd3f6cf3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 07 Feb 2023 23:44:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spOu3D7usb5NsA0Ai2oKoEbXr30QIhtdZP6hrwPfGiWFHXfFcBwkYz26wOsrKB6J6QVMcEZtJgPfrw3k%2FpYhS041wfPq4SEQt19mi75OAK8QRYquq8HOfuiKL8augRtG2FRXbiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795ffdc4cffd88a7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
castcloudywhereby.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuTuYHP%2BJl%2Fbh40UEQFGTSPdM9mXGRxWSNBNck%2B0XwWF1VPSmnpqut6p6e5BRckD3OwYN66jyTbFAXcf8ARSaCLEFw57LkYA4Lnjx4EMSj9OzA6Av1ftTzHp7nfd9PDrML4iKj59vv632pFF0Oam71tR0Zc53b6uatqufW3MvVHRk3%2FcvVQelM%2F03PDWru69V3Bevq5brrua7netV1aUSkB8tTFDK53%2FZqbbfm12te4GNg%2FlvbzIGlDnj%2FgjwHySf%2F2334AJKNEfe%2BvSpsN9XJG%2B%2F0MkVTbdDnJ7fjbqzzGL15GhkHUXwy64a2E0I%2BW4COT2YKoPtHpQKEckKcxx7C%2BGRGE2H%2F%2BCnTUEHECPkzyPtjCDWGpGMwfQeSPyIA49jcQty7t6lNTveeorREJ6Ty15%2BQ%2BYRUfn0Bce%2BbVSUH1ZtaZanUscUgKiAHY8jOGEl2inTfgcxPwdKPITlB3CsgeTFVLeUYMhpDiSGodZCVTzrIIgdZ4qDHz6s0aEeuuxKFUaPR8hljjQZjQavJA97wW5GLjJW0hkiTIZgagpkDJOYAXTmEyX6A3S1guQObTohz%2FQB9XiAXBLklyClBLgnylCDvF8dc2bot7nFls9CbxfosNoqRTjuH9FinHRGTw%2BSCPFvOw7m0tIauOK82mystv%2BW5bp351Kv7QbNOG34zaPtBM2j5TVhZQNqFqdR9OSEvL%2FyORE7I%2F3%2F7CCE9hVWnYHIRNPNA89FK3QXdHfktF%2Fvx913Nhd2liZKMprKvbS1UumMTndaY7oHrAklaQbrnHKoL8uJ0U69UPoBgZ1d%2BWnorGT1eAjMFElPgQ%2FkjQUfdHd3QOTm6oXNLHmwlqezJfVpu8WZKU7H41XtiL9eGb1y1wy%2FfZiVQpvdvCZteozGXcceSr1cl58Ksa8ME%2BW7D7ohwO7O7q5mJs%2BTa9tr6Ri8xwlqp4zGofLT1N5ickMqrz0%2Fv89LPf0CaMUxWoJedkZlB6lOw5AA2mbO3msCoeU%2BYLCLPipGph%2FNPJQmUmNc0LGD%2FVYfz%2FNDeRcdUQNM706vsmwJ9VYCqIWy2NEoTc3bl4eelfYFQVUahMpWjUBn1aTna26W7Ph3yhLz0iw8rz6siiNxIuHURRu0wWqEub0d%2BO6RtT6yEAfWQ2gl78mTtHwAAAP%2F%2FAQAA%2F%2F8%2BSOKWhgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuTuYHP%2BJl%2Fbh40UEQFGTSPdM9mXGRxWSNBNck%2B0XwWF1VPSmnpqut6p6e5BRckD3OwYN66jyTbFAXcf8ARSaCLEFw57LkYA4Lnjx4EMSj9OzA6Av1ftTzHp7nfd9PDrML4iKj59vv632pFF0Oam71tR0Zc53b6uatqufW3MvVHRk3%2FcvVQelM%2F03PDWru69V3Bevq5brrua7netV1aUSkB8tTFDK53%2FZqbbfm12te4GNg%2FlvbzIGlDnj%2FgjwHySf%2F2334AJKNEfe%2BvSpsN9XJG%2B%2F0MkVTbdDnJ7fjbqzzGL15GhkHUXwy64a2E0I%2BW4COT2YKoPtHpQKEckKcxx7C%2BGRGE2H%2F%2BCnTUEHECPkzyPtjCDWGpGMwfQeSPyIA49jcQty7t6lNTveeorREJ6Ty15%2BQ%2BYRUfn0Bce%2BbVSUH1ZtaZanUscUgKiAHY8jOGEl2inTfgcxPwdKPITlB3CsgeTFVLeUYMhpDiSGodZCVTzrIIgdZ4qDHz6s0aEeuuxKFUaPR8hljjQZjQavJA97wW5GLjJW0hkiTIZgagpkDJOYAXTmEyX6A3S1guQObTohz%2FQB9XiAXBLklyClBLgnylCDvF8dc2bot7nFls9CbxfosNoqRTjuH9FinHRGTw%2BSCPFvOw7m0tIauOK82mystv%2BW5bp351Kv7QbNOG34zaPtBM2j5TVhZQNqFqdR9OSEvL%2FyORE7I%2F3%2F7CCE9hVWnYHIRNPNA89FK3QXdHfktF%2Fvx913Nhd2liZKMprKvbS1UumMTndaY7oHrAklaQbrnHKoL8uJ0U69UPoBgZ1d%2BWnorGT1eAjMFElPgQ%2FkjQUfdHd3QOTm6oXNLHmwlqezJfVpu8WZKU7H41XtiL9eGb1y1wy%2FfZiVQpvdvCZteozGXcceSr1cl58Ksa8ME%2BW7D7ohwO7O7q5mJs%2BTa9tr6Ri8xwlqp4zGofLT1N5ickMqrz0%2Fv89LPf0CaMUxWoJedkZlB6lOw5AA2mbO3msCoeU%2BYLCLPipGph%2FNPJQmUmNc0LGD%2FVYfz%2FNDeRcdUQNM706vsmwJ9VYCqIWy2NEoTc3bl4eelfYFQVUahMpWjUBn1aTna26W7Ph3yhLz0iw8rz6siiNxIuHURRu0wWqEub0d%2BO6RtT6yEAfWQ2gl78mTtHwAAAP%2F%2FAQAA%2F%2F8%2BSOKWhgQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuTuYHP%2BJl%2Fbh40UEQFGTSPdM9mXGRxWSNBNck%2B0XwWF1VPSmnpqut6p6e5BRckD3OwYN66jyTbFAXcf8ARSaCLEFw57LkYA4Lnjx4EMSj9OzA6Av1ftTzHp7nfd9PDrML4iKj59vv632pFF0Oam71tR0Zc53b6uatqufW3MvVHRk3%2FcvVQelM%2F03PDWru69V3Bevq5brrua7netV1aUSkB8tTFDK53%2FZqbbfm12te4GNg%2FlvbzIGlDnj%2FgjwHySf%2F2334AJKNEfe%2BvSpsN9XJG%2B%2F0MkVTbdDnJ7fjbqzzGL15GhkHUXwy64a2E0I%2BW4COT2YKoPtHpQKEckKcxx7C%2BGRGE2H%2F%2BCnTUEHECPkzyPtjCDWGpGMwfQeSPyIA49jcQty7t6lNTveeorREJ6Ty15%2BQ%2BYRUfn0Bce%2BbVSUH1ZtaZanUscUgKiAHY8jOGEl2inTfgcxPwdKPITlB3CsgeTFVLeUYMhpDiSGodZCVTzrIIgdZ4qDHz6s0aEeuuxKFUaPR8hljjQZjQavJA97wW5GLjJW0hkiTIZgagpkDJOYAXTmEyX6A3S1guQObTohz%2FQB9XiAXBLklyClBLgnylCDvF8dc2bot7nFls9CbxfosNoqRTjuH9FinHRGTw%2BSCPFvOw7m0tIauOK82mystv%2BW5bp351Kv7QbNOG34zaPtBM2j5TVhZQNqFqdR9OSEvL%2FyORE7I%2F3%2F7CCE9hVWnYHIRNPNA89FK3QXdHfktF%2Fvx913Nhd2liZKMprKvbS1UumMTndaY7oHrAklaQbrnHKoL8uJ0U69UPoBgZ1d%2BWnorGT1eAjMFElPgQ%2FkjQUfdHd3QOTm6oXNLHmwlqezJfVpu8WZKU7H41XtiL9eGb1y1wy%2FfZiVQpvdvCZteozGXcceSr1cl58Ksa8ME%2BW7D7ohwO7O7q5mJs%2BTa9tr6Ri8xwlqp4zGofLT1N5ickMqrz0%2Fv89LPf0CaMUxWoJedkZlB6lOw5AA2mbO3msCoeU%2BYLCLPipGph%2FNPJQmUmNc0LGD%2FVYfz%2FNDeRcdUQNM706vsmwJ9VYCqIWy2NEoTc3bl4eelfYFQVUahMpWjUBn1aTna26W7Ph3yhLz0iw8rz6siiNxIuHURRu0wWqEub0d%2BO6RtT6yEAfWQ2gl78mTtHwAAAP%2F%2FAQAA%2F%2F8%2BSOKWhgQAAA%3D%3D HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03df1e7593e24a097a3b192071a37e12
Strict-Transport-Security: max-age=0; includeSubdomains
pistolsizehoe.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSy4scVRTGb01GCHGj4kIRsRYuFJxOVXf1yyyCMUaCMQlJJOv7qp5r36pb3lvV1TOrwYBk2a4U3NR8PQ9GgyR%2FgA96spFZpUVkQAcJBBduFMGNG%2BmehsGzuOec%2BzuLc75zPtksjkiAgh5ef9%2BsK63p2WYt8F%2B7rVJhSudfveWHQS04599WaSs65w9njx28GQbNWvC6%2F67kfXO2HoRBEAahf0lZGZvh2TmFyu51w1o3qEX1WtiMMLT%2Fz13hwVEPYnBEnoMS06dWf3gAxSdIk%2FsXpevnJnvjnaTQNDcWA7H7QdpPTZkiOQlj6yFOdxfVMG5KyOdLMOnuYgKYwdZsAjA1Jd7PIVi6u2gTbLB93CnTkCmYeBrlYAKpJ1B0Am7uQIlHBOACV68hTXauGlvStWNKZ3RKlv%2F5G6qckuVfn0eafH1Bq6F%2F0%2BgiVyZ1GMYV1HAC1ZsgK%2FaRr3tQ5T54%2FjGUIEiTCkocvhpHYRi1ebjS7YStlajD5Eo3brZXZLfVkqzeabc6zbk0Sk2g4gm0HIG6JRTOQ6E8FLGHIvOQiEOfNrtxELRjFjcanYhz3mhw3uy0RFM0ok4coOCz3kfIsxG4HoHbDWR2A301gi2%2Bh1ut4IQHlxMMRIVSEpSOoKQEpSIoc4JyUG0L7equ2hHaFSxc%2BPrCN6qxyXubdNvkPZmSzeyIPDsTzHvmzB768tAXYdTqCNquB7QVyY6ss7BNZafRDRq80YwCOFVBuSVQ52FdTckrS38gU1Ny%2BslHYHQfTu%2BDq1Ogxcug5bhdD0BXx1EnwHr6bd8I6VZpphWnuRoYV2Pa9Fxm8ho3CYSpkOXLyNe8TX1EXpyv8txnTyD5wfnf7H3%2F4Rc74LZCZit8qB4S9PTd8Q1Tkq0bpnTkwbUsV4lap7M138xpLpe%2FfE%2BulcaKyxfdaO8tPgOz8N4t6fIrNBUq7Tny1QUlhLSXjOWSfHPZ3ZbseuFWLxQ2LbIr19%2B%2BdDnJrHROmXQCqh7ZPXA1JWd%2BeWl%2BwP7pF6DsBLaokBQHZGFQZh8824DLDs7%2FNP1r79%2FfEzhDYPVJDcs8lEU1tnV28qkVgZYnOWUVnDyRgMmD7%2F48ZpvuLnrWA83vzM92YCsMdAWqR3DFqXGe2YPzPzbmBqa9MdPW22La6k%2BPpXXq0JfNOIhlUJcs7rK4TQPRjaMuo91QtlmThsjdlD9%2BfPE%2FAAAA%2F%2F8BAAD%2F%2F7%2FwB2GYBAAA
200 OK 7 B URL HTTP/1.1 pistolsizehoe.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSy4scVRTGb01GCHGj4kIRsRYuFJxOVXf1yyyCMUaCMQlJJOv7qp5r36pb3lvV1TOrwYBk2a4U3NR8PQ9GgyR%2FgA96spFZpUVkQAcJBBduFMGNG%2BmehsGzuOec%2BzuLc75zPtksjkiAgh5ef9%2BsK63p2WYt8F%2B7rVJhSudfveWHQS04599WaSs65w9njx28GQbNWvC6%2F67kfXO2HoRBEAahf0lZGZvh2TmFyu51w1o3qEX1WtiMMLT%2Fz13hwVEPYnBEnoMS06dWf3gAxSdIk%2FsXpevnJnvjnaTQNDcWA7H7QdpPTZkiOQlj6yFOdxfVMG5KyOdLMOnuYgKYwdZsAjA1Jd7PIVi6u2gTbLB93CnTkCmYeBrlYAKpJ1B0Am7uQIlHBOACV68hTXauGlvStWNKZ3RKlv%2F5G6qckuVfn0eafH1Bq6F%2F0%2BgiVyZ1GMYV1HAC1ZsgK%2FaRr3tQ5T54%2FjGUIEiTCkocvhpHYRi1ebjS7YStlajD5Eo3brZXZLfVkqzeabc6zbk0Sk2g4gm0HIG6JRTOQ6E8FLGHIvOQiEOfNrtxELRjFjcanYhz3mhw3uy0RFM0ok4coOCz3kfIsxG4HoHbDWR2A301gi2%2Bh1ut4IQHlxMMRIVSEpSOoKQEpSIoc4JyUG0L7equ2hHaFSxc%2BPrCN6qxyXubdNvkPZmSzeyIPDsTzHvmzB768tAXYdTqCNquB7QVyY6ss7BNZafRDRq80YwCOFVBuSVQ52FdTckrS38gU1Ny%2BslHYHQfTu%2BDq1Ogxcug5bhdD0BXx1EnwHr6bd8I6VZpphWnuRoYV2Pa9Fxm8ho3CYSpkOXLyNe8TX1EXpyv8txnTyD5wfnf7H3%2F4Rc74LZCZit8qB4S9PTd8Q1Tkq0bpnTkwbUsV4lap7M138xpLpe%2FfE%2BulcaKyxfdaO8tPgOz8N4t6fIrNBUq7Tny1QUlhLSXjOWSfHPZ3ZbseuFWLxQ2LbIr19%2B%2BdDnJrHROmXQCqh7ZPXA1JWd%2BeWl%2BwP7pF6DsBLaokBQHZGFQZh8824DLDs7%2FNP1r79%2FfEzhDYPVJDcs8lEU1tnV28qkVgZYnOWUVnDyRgMmD7%2F48ZpvuLnrWA83vzM92YCsMdAWqR3DFqXGe2YPzPzbmBqa9MdPW22La6k%2BPpXXq0JfNOIhlUJcs7rK4TQPRjaMuo91QtlmThsjdlD9%2BfPE%2FAAAA%2F%2F8BAAD%2F%2F7%2FwB2GYBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSy4scVRTGb01GCHGj4kIRsRYuFJxOVXf1yyyCMUaCMQlJJOv7qp5r36pb3lvV1TOrwYBk2a4U3NR8PQ9GgyR%2FgA96spFZpUVkQAcJBBduFMGNG%2BmehsGzuOec%2BzuLc75zPtksjkiAgh5ef9%2BsK63p2WYt8F%2B7rVJhSudfveWHQS04599WaSs65w9njx28GQbNWvC6%2F67kfXO2HoRBEAahf0lZGZvh2TmFyu51w1o3qEX1WtiMMLT%2Fz13hwVEPYnBEnoMS06dWf3gAxSdIk%2FsXpevnJnvjnaTQNDcWA7H7QdpPTZkiOQlj6yFOdxfVMG5KyOdLMOnuYgKYwdZsAjA1Jd7PIVi6u2gTbLB93CnTkCmYeBrlYAKpJ1B0Am7uQIlHBOACV68hTXauGlvStWNKZ3RKlv%2F5G6qckuVfn0eafH1Bq6F%2F0%2BgiVyZ1GMYV1HAC1ZsgK%2FaRr3tQ5T54%2FjGUIEiTCkocvhpHYRi1ebjS7YStlajD5Eo3brZXZLfVkqzeabc6zbk0Sk2g4gm0HIG6JRTOQ6E8FLGHIvOQiEOfNrtxELRjFjcanYhz3mhw3uy0RFM0ok4coOCz3kfIsxG4HoHbDWR2A301gi2%2Bh1ut4IQHlxMMRIVSEpSOoKQEpSIoc4JyUG0L7equ2hHaFSxc%2BPrCN6qxyXubdNvkPZmSzeyIPDsTzHvmzB768tAXYdTqCNquB7QVyY6ss7BNZafRDRq80YwCOFVBuSVQ52FdTckrS38gU1Ny%2BslHYHQfTu%2BDq1Ogxcug5bhdD0BXx1EnwHr6bd8I6VZpphWnuRoYV2Pa9Fxm8ho3CYSpkOXLyNe8TX1EXpyv8txnTyD5wfnf7H3%2F4Rc74LZCZit8qB4S9PTd8Q1Tkq0bpnTkwbUsV4lap7M138xpLpe%2FfE%2BulcaKyxfdaO8tPgOz8N4t6fIrNBUq7Tny1QUlhLSXjOWSfHPZ3ZbseuFWLxQ2LbIr19%2B%2BdDnJrHROmXQCqh7ZPXA1JWd%2BeWl%2BwP7pF6DsBLaokBQHZGFQZh8824DLDs7%2FNP1r79%2FfEzhDYPVJDcs8lEU1tnV28qkVgZYnOWUVnDyRgMmD7%2F48ZpvuLnrWA83vzM92YCsMdAWqR3DFqXGe2YPzPzbmBqa9MdPW22La6k%2BPpXXq0JfNOIhlUJcs7rK4TQPRjaMuo91QtlmThsjdlD9%2BfPE%2FAAAA%2F%2F8BAAD%2F%2F7%2FwB2GYBAAA HTTP/1.1
Host: pistolsizehoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828521; uid_id2=f41147c1-9816-48be-9f57-e966eb287685:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2c73cd8a0f314d1cc14fc35e224adc8
Strict-Transport-Security: max-age=0; includeSubdomains
castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzs4PfsTL%2BnHxooMgKMhs90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVP4kkQj9KzA6Mv1PtRz3t4nvd9PzlIzomLhJ5tva%2F3pFL0UrPmVl%2FbliHXma1u3Kp6bs29XN2WYcu%2FXB2VzqRvem6z5r5efVewgb5Udz3X9VyvuiaN6OnRpRkKGd3verWuW%2FPrNa%2FpY2T%2BW9vEgaUOeHpOnoPkxf92Hj6AZFOEw2%2BvCjuIdfTGO8NE0VgbpPz4djgIdRZiuEh7xkEvPJ53Q9uCkM%2BWoMPjuQLo9LBUgEAWxHnsIQiP5zQRpEdPmQYKIkTAn0GWTiHUFJJOwfQdSP6IAIxjYxPh8N6GNhndfYrSEi1I5a8%2FIbOCVH59AeHwmxUlR9WbWiWx1KHFqJdDjqaQ%2FSmi5ATxngOZnYDFH0NygnCYQ%2FJ8plrKKWRvCiXGoNZBUj7pIOk5SCIHQ35Wpc1uz3XbvaDXaHR8xlijwViz0%2BJN3vA7PRcJK2mNEUdjMDUGM%2FuIzD4GcgyT%2FAC7k8NyBzYuiHN9HynPkQmCzBJklCCTBFlMkKX5EVe2bvN7XNkk8OaxPo%2BNfKLj%2FgE90nFfhOQgOifPlvNwLi6vYiDOqq1Wu%2BN3PNetM596db%2FZqtOG32p2%2FWar2fFbsDKHtEszqXuyIC8v%2FY5IFuT%2Fv32EgJ7AqhMweQE08UCzSbvugu5M%2FI6LvfD7gebC7tBISUZjmWpbC5Tu20jHNaaH4DpHFFcQ7zoH6py8ONvUK5XrEOz0yk%2FLb0WTx8tgJkdkcnwofyToq7uTGzojhzd0ZsmDzSiWQ7lHyy3ejGksLnz1ntjNtOHrV%2B34y7dZCZTp%2FVvCxtdoyGXYt%2BTrFcm5MGvaMEG%2BW7fbIthK7M5KYsIkura1urY%2BjIywVupwCiofbf4NJgtSefX52X1e%2FPkPSDOFSXIMk1MyN0h9Ahbtw0YL9lYTGLXoCaIlZEk%2BMfVg8akkgRKLmgY57L%2FqYJEf2LvomwpofGd2lanJkaocVI1hk%2BVJHJnTKw8%2FL%2B0LBKoyCZSpHAbKqE%2FL0d6ezbd0HxTkpV98WHlWbXq%2B6ASdNuM8EIx77Xqj03DdOud%2Buyu8LmJbsCdPVv8BAAD%2F%2FwEAAP%2F%2FoxbLzoYEAAA%3D
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzs4PfsTL%2BnHxooMgKMhs90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVP4kkQj9KzA6Mv1PtRz3t4nvd9PzlIzomLhJ5tva%2F3pFL0UrPmVl%2FbliHXma1u3Kp6bs29XN2WYcu%2FXB2VzqRvem6z5r5efVewgb5Udz3X9VyvuiaN6OnRpRkKGd3verWuW%2FPrNa%2FpY2T%2BW9vEgaUOeHpOnoPkxf92Hj6AZFOEw2%2BvCjuIdfTGO8NE0VgbpPz4djgIdRZiuEh7xkEvPJ53Q9uCkM%2BWoMPjuQLo9LBUgEAWxHnsIQiP5zQRpEdPmQYKIkTAn0GWTiHUFJJOwfQdSP6IAIxjYxPh8N6GNhndfYrSEi1I5a8%2FIbOCVH59AeHwmxUlR9WbWiWx1KHFqJdDjqaQ%2FSmi5ATxngOZnYDFH0NygnCYQ%2FJ8plrKKWRvCiXGoNZBUj7pIOk5SCIHQ35Wpc1uz3XbvaDXaHR8xlijwViz0%2BJN3vA7PRcJK2mNEUdjMDUGM%2FuIzD4GcgyT%2FAC7k8NyBzYuiHN9HynPkQmCzBJklCCTBFlMkKX5EVe2bvN7XNkk8OaxPo%2BNfKLj%2FgE90nFfhOQgOifPlvNwLi6vYiDOqq1Wu%2BN3PNetM596db%2FZqtOG32p2%2FWar2fFbsDKHtEszqXuyIC8v%2FY5IFuT%2Fv32EgJ7AqhMweQE08UCzSbvugu5M%2FI6LvfD7gebC7tBISUZjmWpbC5Tu20jHNaaH4DpHFFcQ7zoH6py8ONvUK5XrEOz0yk%2FLb0WTx8tgJkdkcnwofyToq7uTGzojhzd0ZsmDzSiWQ7lHyy3ejGksLnz1ntjNtOHrV%2B34y7dZCZTp%2FVvCxtdoyGXYt%2BTrFcm5MGvaMEG%2BW7fbIthK7M5KYsIkura1urY%2BjIywVupwCiofbf4NJgtSefX52X1e%2FPkPSDOFSXIMk1MyN0h9Ahbtw0YL9lYTGLXoCaIlZEk%2BMfVg8akkgRKLmgY57L%2FqYJEf2LvomwpofGd2lanJkaocVI1hk%2BVJHJnTKw8%2FL%2B0LBKoyCZSpHAbKqE%2FL0d6ezbd0HxTkpV98WHlWbXq%2B6ASdNuM8EIx77Xqj03DdOud%2Buyu8LmJbsCdPVv8BAAD%2F%2FwEAAP%2F%2FoxbLzoYEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzs4PfsTL%2BnHxooMgKMhs90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVP4kkQj9KzA6Mv1PtRz3t4nvd9PzlIzomLhJ5tva%2F3pFL0UrPmVl%2FbliHXma1u3Kp6bs29XN2WYcu%2FXB2VzqRvem6z5r5efVewgb5Udz3X9VyvuiaN6OnRpRkKGd3verWuW%2FPrNa%2FpY2T%2BW9vEgaUOeHpOnoPkxf92Hj6AZFOEw2%2BvCjuIdfTGO8NE0VgbpPz4djgIdRZiuEh7xkEvPJ53Q9uCkM%2BWoMPjuQLo9LBUgEAWxHnsIQiP5zQRpEdPmQYKIkTAn0GWTiHUFJJOwfQdSP6IAIxjYxPh8N6GNhndfYrSEi1I5a8%2FIbOCVH59AeHwmxUlR9WbWiWx1KHFqJdDjqaQ%2FSmi5ATxngOZnYDFH0NygnCYQ%2FJ8plrKKWRvCiXGoNZBUj7pIOk5SCIHQ35Wpc1uz3XbvaDXaHR8xlijwViz0%2BJN3vA7PRcJK2mNEUdjMDUGM%2FuIzD4GcgyT%2FAC7k8NyBzYuiHN9HynPkQmCzBJklCCTBFlMkKX5EVe2bvN7XNkk8OaxPo%2BNfKLj%2FgE90nFfhOQgOifPlvNwLi6vYiDOqq1Wu%2BN3PNetM596db%2FZqtOG32p2%2FWar2fFbsDKHtEszqXuyIC8v%2FY5IFuT%2Fv32EgJ7AqhMweQE08UCzSbvugu5M%2FI6LvfD7gebC7tBISUZjmWpbC5Tu20jHNaaH4DpHFFcQ7zoH6py8ONvUK5XrEOz0yk%2FLb0WTx8tgJkdkcnwofyToq7uTGzojhzd0ZsmDzSiWQ7lHyy3ejGksLnz1ntjNtOHrV%2B34y7dZCZTp%2FVvCxtdoyGXYt%2BTrFcm5MGvaMEG%2BW7fbIthK7M5KYsIkura1urY%2BjIywVupwCiofbf4NJgtSefX52X1e%2FPkPSDOFSXIMk1MyN0h9Ahbtw0YL9lYTGLXoCaIlZEk%2BMfVg8akkgRKLmgY57L%2FqYJEf2LvomwpofGd2lanJkaocVI1hk%2BVJHJnTKw8%2FL%2B0LBKoyCZSpHAbKqE%2FL0d6ezbd0HxTkpV98WHlWbXq%2B6ASdNuM8EIx77Xqj03DdOud%2Buyu8LmJbsCdPVv8BAAD%2F%2FwEAAP%2F%2FoxbLzoYEAAA%3D HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f6241d3389a2849b7840afeeb84c5f6
Strict-Transport-Security: max-age=0; includeSubdomains
castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0f%2FIiX9ePiRQdBUJBJ90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVPHjwI4lF6dmD0hXo%2F6nkPz%2FO%2B7ycHyTlxkdCzrff1nlSKLjdrbvW1bRlyndnqxq2q59bcy9VtGbb8y9VR6Uz6puc2a%2B7r1XcFG%2Bjluuu5rud61TVpRE%2BPlmcoZHS%2F69W6bs2v17ymj5H5b20TB5Y64Ok5eQ6SF%2F%2FbefgAkk0RDr%2B9Kuwg1tEb7wwTRWNtkPLj2%2BEg1FmI4SLtGQe98HjeDW0LQj67AB0ezxVAp4elAgSyIM5jD0F4PKeJID16yjRQECEC%2FgyydAqhppB0CqbvQPJHBGAcG5sIh%2Fc2tMno7lOUlmhBKn%2F9CZkVpPLrCwiH36woOare1CqJpQ4tRr0ccjSF7E8RJSeI9xzI7AQs%2FhiSE4TDHJLnM9VSTiF7UygxBrUOkvJJB0nPQRI5GPKzKm12e67b7gW9RqPjM8YaDcaanRZv8obf6blIWElrjDgag6kxmNlHZPYxkGOY5AfYnRyWO7BxQZzr%2B0h5jkwQZJYgowSZJMhigizNj7iydZvf48omgTeP9Xls5BMd9w%2FokY77IiQH0Tl5tpyHc2lpFQNxVm212h2%2F47lunfnUq%2FvNVp02%2FFaz6zdbzY7fgpU5pL0wk7onC%2FLyhd8RyYL8%2F7ePENATWHUCJi%2BCJh5oNmnXXdCdid9xsRd%2BP9Bc2B0aKcloLFNta4HSfRvpuMb0EFzniOIK4l3nQJ2TF2ebeqXyAQQ7vfLT0lvR5PESmMkRmRwfyh8J%2Buru5IbOyOENnVnyYDOK5VDu0XKLN2Mai4tfvSd2M234%2BlU7%2FvJtVgJlev%2BWsPE1GnIZ9i35ekVyLsyaNkyQ79bttgi2Eruzkpgwia5tra6tDyMjrJU6nILKR5t%2Fg8mCVF59fnafl37%2BA9JMYZIcw%2BSUzA1Sn4BF%2B7DRgr3VBEYteoLoIrIkn5h6sPhUkkCJRU2DHPZfdbDID%2Bxd9E0FNL4zu8rU5EhVDqrGsMnSJI7M6ZWHn5f2BQJVmQTKVA4DZdSn5Whvl%2B76bMgFeekXH1aeVZueLzpBp804DwTjXrve6DRct8653%2B4Kr4vYFuzJk9V%2FAAAA%2F%2F8BAAD%2F%2FypAbHCGBAAA
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0f%2FIiX9ePiRQdBUJBJ90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVPHjwI4lF6dmD0hXo%2F6nkPz%2FO%2B7ycHyTlxkdCzrff1nlSKLjdrbvW1bRlyndnqxq2q59bcy9VtGbb8y9VR6Uz6puc2a%2B7r1XcFG%2Bjluuu5rud61TVpRE%2BPlmcoZHS%2F69W6bs2v17ymj5H5b20TB5Y64Ok5eQ6SF%2F%2FbefgAkk0RDr%2B9Kuwg1tEb7wwTRWNtkPLj2%2BEg1FmI4SLtGQe98HjeDW0LQj67AB0ezxVAp4elAgSyIM5jD0F4PKeJID16yjRQECEC%2FgyydAqhppB0CqbvQPJHBGAcG5sIh%2Fc2tMno7lOUlmhBKn%2F9CZkVpPLrCwiH36woOare1CqJpQ4tRr0ccjSF7E8RJSeI9xzI7AQs%2FhiSE4TDHJLnM9VSTiF7UygxBrUOkvJJB0nPQRI5GPKzKm12e67b7gW9RqPjM8YaDcaanRZv8obf6blIWElrjDgag6kxmNlHZPYxkGOY5AfYnRyWO7BxQZzr%2B0h5jkwQZJYgowSZJMhigizNj7iydZvf48omgTeP9Xls5BMd9w%2FokY77IiQH0Tl5tpyHc2lpFQNxVm212h2%2F47lunfnUq%2FvNVp02%2FFaz6zdbzY7fgpU5pL0wk7onC%2FLyhd8RyYL8%2F7ePENATWHUCJi%2BCJh5oNmnXXdCdid9xsRd%2BP9Bc2B0aKcloLFNta4HSfRvpuMb0EFzniOIK4l3nQJ2TF2ebeqXyAQQ7vfLT0lvR5PESmMkRmRwfyh8J%2Buru5IbOyOENnVnyYDOK5VDu0XKLN2Mai4tfvSd2M234%2BlU7%2FvJtVgJlev%2BWsPE1GnIZ9i35ekVyLsyaNkyQ79bttgi2Eruzkpgwia5tra6tDyMjrJU6nILKR5t%2Fg8mCVF59fnafl37%2BA9JMYZIcw%2BSUzA1Sn4BF%2B7DRgr3VBEYteoLoIrIkn5h6sPhUkkCJRU2DHPZfdbDID%2Bxd9E0FNL4zu8rU5EhVDqrGsMnSJI7M6ZWHn5f2BQJVmQTKVA4DZdSn5Whvl%2B76bMgFeekXH1aeVZueLzpBp804DwTjXrve6DRct8653%2B4Kr4vYFuzJk9V%2FAAAA%2F%2F8BAAD%2F%2FypAbHCGBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0f%2FIiX9ePiRQdBUJBJ90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVPHjwI4lF6dmD0hXo%2F6nkPz%2FO%2B7ycHyTlxkdCzrff1nlSKLjdrbvW1bRlyndnqxq2q59bcy9VtGbb8y9VR6Uz6puc2a%2B7r1XcFG%2Bjluuu5rud61TVpRE%2BPlmcoZHS%2F69W6bs2v17ymj5H5b20TB5Y64Ok5eQ6SF%2F%2FbefgAkk0RDr%2B9Kuwg1tEb7wwTRWNtkPLj2%2BEg1FmI4SLtGQe98HjeDW0LQj67AB0ezxVAp4elAgSyIM5jD0F4PKeJID16yjRQECEC%2FgyydAqhppB0CqbvQPJHBGAcG5sIh%2Fc2tMno7lOUlmhBKn%2F9CZkVpPLrCwiH36woOare1CqJpQ4tRr0ccjSF7E8RJSeI9xzI7AQs%2FhiSE4TDHJLnM9VSTiF7UygxBrUOkvJJB0nPQRI5GPKzKm12e67b7gW9RqPjM8YaDcaanRZv8obf6blIWElrjDgag6kxmNlHZPYxkGOY5AfYnRyWO7BxQZzr%2B0h5jkwQZJYgowSZJMhigizNj7iydZvf48omgTeP9Xls5BMd9w%2FokY77IiQH0Tl5tpyHc2lpFQNxVm212h2%2F47lunfnUq%2FvNVp02%2FFaz6zdbzY7fgpU5pL0wk7onC%2FLyhd8RyYL8%2F7ePENATWHUCJi%2BCJh5oNmnXXdCdid9xsRd%2BP9Bc2B0aKcloLFNta4HSfRvpuMb0EFzniOIK4l3nQJ2TF2ebeqXyAQQ7vfLT0lvR5PESmMkRmRwfyh8J%2Buru5IbOyOENnVnyYDOK5VDu0XKLN2Mai4tfvSd2M234%2BlU7%2FvJtVgJlev%2BWsPE1GnIZ9i35ekVyLsyaNkyQ79bttgi2Eruzkpgwia5tra6tDyMjrJU6nILKR5t%2Fg8mCVF59fnafl37%2BA9JMYZIcw%2BSUzA1Sn4BF%2B7DRgr3VBEYteoLoIrIkn5h6sPhUkkCJRU2DHPZfdbDID%2Bxd9E0FNL4zu8rU5EhVDqrGsMnSJI7M6ZWHn5f2BQJVmQTKVA4DZdSn5Whvl%2B76bMgFeekXH1aeVZueLzpBp804DwTjXrve6DRct8653%2B4Kr4vYFuzJk9V%2FAAAA%2F%2F8BAAD%2F%2FypAbHCGBAAA HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63adab8361c4e912f3fbd25df4071f58
Strict-Transport-Security: max-age=0; includeSubdomains
castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0f%2FIiX9ePiRQdBUJBJ90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVPghdBPErPDoy%2BUO9HPe%2Fhed73%2FeQgOScuEnq29b7ek0rR5WbNrb62LUOuM1vduFX13Jp7ubotw5Z%2FuToqnUnf9NxmzX29%2Bq5gA71cdz3X9VyvuiaN6OnR8gyFjO53vVrXrfn1mtf0MTL%2FrW3iwFIHPD0nz0Hy4n87Dx9AsinC4bdXhR3EOnrjnWGiaKwNUn58OxyEOgsxXKQ946AXHs%2B7oW1ByGcXoMPjuQLo9LBUgEAWxHnsIQiP5zQRpEdPmQYKIkTAn0GWTiHUFJJOwfQdSP6IAIxjYxPh8N6GNhndfYrSEi1I5a8%2FIbOCVH59AeHwmxUlR9WbWiWx1KHFqJdDjqaQ%2FSmi5ATxngOZnYDFH0NygnCYQ%2FJ8plrKKWRvCiXGoNZBUj7pIOk5SCIHQ35Wpc1uz3XbvaDXaHR8xlijwViz0%2BJN3vA7PRcJK2mNEUdjMDUGM%2FuIzD4GcgyT%2FAC7k8NyBzYuiHN9HynPkQmCzBJklCCTBFlMkKX5EVe2bvN7XNkk8OaxPo%2BNfKLj%2FgE90nFfhOQgOifPlvNwLi2tYiDOqq1Wu%2BN3PNetM596db%2FZqtOG32p2%2FWar2fFbsDKHtBdmUvdkQV6%2B8DsiWZD%2F%2F%2FYRAnoCq07A5EXQxAPNJu26C7oz8Tsu9sLvB5oLu0MjJRmNZaptLVC6byMd15geguscUVxBvOscqHPy4mxTr1RuQ7DTKz8tvRVNHi%2BBmRyRyfGh%2FJGgr%2B5ObuiMHN7QmSUPNqNYDuUeLbd4M6axuPjVe2I304avX7XjL99mJVCm928JG1%2BjIZdh35KvVyTnwqxpwwT5bt1ui2ArsTsriQmT6NrW6tr6MDLCWqnDKah8tPk3mCxI5dXnZ%2Fd56ec%2FIM0UJskxTE7J3CD1CVi0Dxst2FtNYNSiJ4gcZEk%2BMfVg8akkgRKLmgY57L%2FqYJEf2LvomwpofGd2lanJkaocVI1hk6VJHJnTKw8%2FL%2B0LBKoyCZSpHAbKqE9noy3d9dJ9UJCXfvFh5Vm16fmiE3TajPNAMO61641Ow3XrnPvtrvC6iG3BnjxZ%2FQcAAP%2F%2FAQAA%2F%2F%2B53B%2F4hgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0f%2FIiX9ePiRQdBUJBJ90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVPghdBPErPDoy%2BUO9HPe%2Fhed73%2FeQgOScuEnq29b7ek0rR5WbNrb62LUOuM1vduFX13Jp7ubotw5Z%2FuToqnUnf9NxmzX29%2Bq5gA71cdz3X9VyvuiaN6OnR8gyFjO53vVrXrfn1mtf0MTL%2FrW3iwFIHPD0nz0Hy4n87Dx9AsinC4bdXhR3EOnrjnWGiaKwNUn58OxyEOgsxXKQ946AXHs%2B7oW1ByGcXoMPjuQLo9LBUgEAWxHnsIQiP5zQRpEdPmQYKIkTAn0GWTiHUFJJOwfQdSP6IAIxjYxPh8N6GNhndfYrSEi1I5a8%2FIbOCVH59AeHwmxUlR9WbWiWx1KHFqJdDjqaQ%2FSmi5ATxngOZnYDFH0NygnCYQ%2FJ8plrKKWRvCiXGoNZBUj7pIOk5SCIHQ35Wpc1uz3XbvaDXaHR8xlijwViz0%2BJN3vA7PRcJK2mNEUdjMDUGM%2FuIzD4GcgyT%2FAC7k8NyBzYuiHN9HynPkQmCzBJklCCTBFlMkKX5EVe2bvN7XNkk8OaxPo%2BNfKLj%2FgE90nFfhOQgOifPlvNwLi2tYiDOqq1Wu%2BN3PNetM596db%2FZqtOG32p2%2FWar2fFbsDKHtBdmUvdkQV6%2B8DsiWZD%2F%2F%2FYRAnoCq07A5EXQxAPNJu26C7oz8Tsu9sLvB5oLu0MjJRmNZaptLVC6byMd15geguscUVxBvOscqHPy4mxTr1RuQ7DTKz8tvRVNHi%2BBmRyRyfGh%2FJGgr%2B5ObuiMHN7QmSUPNqNYDuUeLbd4M6axuPjVe2I304avX7XjL99mJVCm928JG1%2BjIZdh35KvVyTnwqxpwwT5bt1ui2ArsTsriQmT6NrW6tr6MDLCWqnDKah8tPk3mCxI5dXnZ%2Fd56ec%2FIM0UJskxTE7J3CD1CVi0Dxst2FtNYNSiJ4gcZEk%2BMfVg8akkgRKLmgY57L%2FqYJEf2LvomwpofGd2lanJkaocVI1hk6VJHJnTKw8%2FL%2B0LBKoyCZSpHAbKqE9noy3d9dJ9UJCXfvFh5Vm16fmiE3TajPNAMO61641Ow3XrnPvtrvC6iG3BnjxZ%2FQcAAP%2F%2FAQAA%2F%2F%2B53B%2F4hgQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0f%2FIiX9ePiRQdBUJBJ90zPl4ssJmskuCbZL4LH6qqaSTk1XW1Vf0xyCi7IHufgQT11nkk2qIu4f4AiE0GWILh9WXIwhwVPghdBPErPDoy%2BUO9HPe%2Fhed73%2FeQgOScuEnq29b7ek0rR5WbNrb62LUOuM1vduFX13Jp7ubotw5Z%2FuToqnUnf9NxmzX29%2Bq5gA71cdz3X9VyvuiaN6OnR8gyFjO53vVrXrfn1mtf0MTL%2FrW3iwFIHPD0nz0Hy4n87Dx9AsinC4bdXhR3EOnrjnWGiaKwNUn58OxyEOgsxXKQ946AXHs%2B7oW1ByGcXoMPjuQLo9LBUgEAWxHnsIQiP5zQRpEdPmQYKIkTAn0GWTiHUFJJOwfQdSP6IAIxjYxPh8N6GNhndfYrSEi1I5a8%2FIbOCVH59AeHwmxUlR9WbWiWx1KHFqJdDjqaQ%2FSmi5ATxngOZnYDFH0NygnCYQ%2FJ8plrKKWRvCiXGoNZBUj7pIOk5SCIHQ35Wpc1uz3XbvaDXaHR8xlijwViz0%2BJN3vA7PRcJK2mNEUdjMDUGM%2FuIzD4GcgyT%2FAC7k8NyBzYuiHN9HynPkQmCzBJklCCTBFlMkKX5EVe2bvN7XNkk8OaxPo%2BNfKLj%2FgE90nFfhOQgOifPlvNwLi2tYiDOqq1Wu%2BN3PNetM596db%2FZqtOG32p2%2FWar2fFbsDKHtBdmUvdkQV6%2B8DsiWZD%2F%2F%2FYRAnoCq07A5EXQxAPNJu26C7oz8Tsu9sLvB5oLu0MjJRmNZaptLVC6byMd15geguscUVxBvOscqHPy4mxTr1RuQ7DTKz8tvRVNHi%2BBmRyRyfGh%2FJGgr%2B5ObuiMHN7QmSUPNqNYDuUeLbd4M6axuPjVe2I304avX7XjL99mJVCm928JG1%2BjIZdh35KvVyTnwqxpwwT5bt1ui2ArsTsriQmT6NrW6tr6MDLCWqnDKah8tPk3mCxI5dXnZ%2Fd56ec%2FIM0UJskxTE7J3CD1CVi0Dxst2FtNYNSiJ4gcZEk%2BMfVg8akkgRKLmgY57L%2FqYJEf2LvomwpofGd2lanJkaocVI1hk6VJHJnTKw8%2FL%2B0LBKoyCZSpHAbKqE9noy3d9dJ9UJCXfvFh5Vm16fmiE3TajPNAMO61641Ow3XrnPvtrvC6iG3BnjxZ%2FQcAAP%2F%2FAQAA%2F%2F%2B53B%2F4hgQAAA%3D%3D HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 093d5bf09321a931116bec37d881165e
Strict-Transport-Security: max-age=0; includeSubdomains
castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fLPmB%2BHURRAdBUZFJ90zPl4sEkzUSXJPsF8FjdVXNpJyarraqe3qSU3BB9jgHD%2Bqp80yywTWI%2BwcoMhFkycX0ZcnBHBY8iEdBPEpPBqIv1PtRz3t4nvd9P9tNzoiLhJ6uf6i3pVJ0vl5xy69vyJDr1JZXb5c9t%2BJeLW%2FIsOFfLQ8LZwZve2694r5Rfl%2Bwnp6vup7req5XXpZGdPRwfopCRodtr9J2K3614tV9DM1%2Fa5s4sNQBH5yRZyF5%2Fr%2FNRw8h2QRh%2F7trwvZiHb31Xj9RNNYGA35wJ%2ByFOg3Rv0g7xkEnPJh1Q9uckC8uQYcHMwXQg71CAQKZE%2BexhyA8mNFEMNg%2FZxooiBAB%2Fz%2FSwQRCTSDpBEzfheQnBGAcq2sI%2B%2FdXtUnp1jlKCzQnpb%2F%2BhExzUvr1eYT9bxeVHJZvaZXEUocWw04GOZxAdieIkiPE2w5kegQWfwrJCcJ%2BBsmzqWopJ5CdCZQYgVoHSfGkg6TjIIkc9PlpmdbbHddtdoJOrdbyGWO1GmP1VoPXec1vdVwkrKA1QhyNwNQIzOwgMjvoyRFM8iPsZgbLHdg4J86NHQx4hlQQpJYgpQSpJEhjgnSQ7XNlqza7z5VNAm8Wq7NYy8Y67u7SfR13RUh2ozPyTDEP5%2Bm5JfTEabnRaLb8lue6VeZTr%2BrXG1Va8xv1tl9v1Ft%2BA1ZmkPbSVOq2zMnLl%2F5AJHNy5bdPENAjWHUEJi%2BDJh5oOm5WXdDNsd9ysR3%2B0NNc2E0aKcloLAfaVgKluzbScYXpPrjOEMUlxFvOrjojL0w39dIvPgQ7Xvh57p1o%2FHgOzGSITIaP5U8EXXVvfFOnZO%2BmTi15uBbFsi%2B3abHFWzGNxeUHH4itVBu%2Bcs2Ovn6XFUCRHt4WNr5OQy7DriXfLErOhVnWhgny%2FYrdEMF6YjcXExMm0fX1peWVfmSEtVKHE1B5svY3mMxJ6dXnpvf51MmbkGYCk2ToJ8dkZpD6CCzagY2OFx68eHjFe%2B13WE1g1EVPEJWQJtnYVIOLTyUJlLioaZDB%2FqsOLvJdew9dUwKN706vcmAyDFQGqkawydw4jszxwqMvC%2FsKgSqNA2VKe4Ey6vOcvFK6U7gbhfvofNJWnpbrni9aQavJOA8E416zWmvVXLfKud9sC6%2BN2ObsyZOlfwAAAP%2F%2FAQAA%2F%2F%2F24V1nhgQAAA%3D%3D
200 OK 7 B URL HTTP/1.1 castcloudywhereby.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fLPmB%2BHURRAdBUZFJ90zPl4sEkzUSXJPsF8FjdVXNpJyarraqe3qSU3BB9jgHD%2Bqp80yywTWI%2BwcoMhFkycX0ZcnBHBY8iEdBPEpPBqIv1PtRz3t4nvd9P9tNzoiLhJ6uf6i3pVJ0vl5xy69vyJDr1JZXb5c9t%2BJeLW%2FIsOFfLQ8LZwZve2694r5Rfl%2Bwnp6vup7req5XXpZGdPRwfopCRodtr9J2K3614tV9DM1%2Fa5s4sNQBH5yRZyF5%2Fr%2FNRw8h2QRh%2F7trwvZiHb31Xj9RNNYGA35wJ%2ByFOg3Rv0g7xkEnPJh1Q9uckC8uQYcHMwXQg71CAQKZE%2BexhyA8mNFEMNg%2FZxooiBAB%2Fz%2FSwQRCTSDpBEzfheQnBGAcq2sI%2B%2FdXtUnp1jlKCzQnpb%2F%2BhExzUvr1eYT9bxeVHJZvaZXEUocWw04GOZxAdieIkiPE2w5kegQWfwrJCcJ%2BBsmzqWopJ5CdCZQYgVoHSfGkg6TjIIkc9PlpmdbbHddtdoJOrdbyGWO1GmP1VoPXec1vdVwkrKA1QhyNwNQIzOwgMjvoyRFM8iPsZgbLHdg4J86NHQx4hlQQpJYgpQSpJEhjgnSQ7XNlqza7z5VNAm8Wq7NYy8Y67u7SfR13RUh2ozPyTDEP5%2Bm5JfTEabnRaLb8lue6VeZTr%2BrXG1Va8xv1tl9v1Ft%2BA1ZmkPbSVOq2zMnLl%2F5AJHNy5bdPENAjWHUEJi%2BDJh5oOm5WXdDNsd9ysR3%2B0NNc2E0aKcloLAfaVgKluzbScYXpPrjOEMUlxFvOrjojL0w39dIvPgQ7Xvh57p1o%2FHgOzGSITIaP5U8EXXVvfFOnZO%2BmTi15uBbFsi%2B3abHFWzGNxeUHH4itVBu%2Bcs2Ovn6XFUCRHt4WNr5OQy7DriXfLErOhVnWhgny%2FYrdEMF6YjcXExMm0fX1peWVfmSEtVKHE1B5svY3mMxJ6dXnpvf51MmbkGYCk2ToJ8dkZpD6CCzagY2OFx68eHjFe%2B13WE1g1EVPEJWQJtnYVIOLTyUJlLioaZDB%2FqsOLvJdew9dUwKN706vcmAyDFQGqkawydw4jszxwqMvC%2FsKgSqNA2VKe4Ey6vOcvFK6U7gbhfvofNJWnpbrni9aQavJOA8E416zWmvVXLfKud9sC6%2BN2ObsyZOlfwAAAP%2F%2FAQAA%2F%2F%2F24V1nhgQAAA%3D%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p0fLPmB%2BHURRAdBUZFJ90zPl4sEkzUSXJPsF8FjdVXNpJyarraqe3qSU3BB9jgHD%2Bqp80yywTWI%2BwcoMhFkycX0ZcnBHBY8iEdBPEpPBqIv1PtRz3t4nvd9P9tNzoiLhJ6uf6i3pVJ0vl5xy69vyJDr1JZXb5c9t%2BJeLW%2FIsOFfLQ8LZwZve2694r5Rfl%2Bwnp6vup7req5XXpZGdPRwfopCRodtr9J2K3614tV9DM1%2Fa5s4sNQBH5yRZyF5%2Fr%2FNRw8h2QRh%2F7trwvZiHb31Xj9RNNYGA35wJ%2ByFOg3Rv0g7xkEnPJh1Q9uckC8uQYcHMwXQg71CAQKZE%2BexhyA8mNFEMNg%2FZxooiBAB%2Fz%2FSwQRCTSDpBEzfheQnBGAcq2sI%2B%2FdXtUnp1jlKCzQnpb%2F%2BhExzUvr1eYT9bxeVHJZvaZXEUocWw04GOZxAdieIkiPE2w5kegQWfwrJCcJ%2BBsmzqWopJ5CdCZQYgVoHSfGkg6TjIIkc9PlpmdbbHddtdoJOrdbyGWO1GmP1VoPXec1vdVwkrKA1QhyNwNQIzOwgMjvoyRFM8iPsZgbLHdg4J86NHQx4hlQQpJYgpQSpJEhjgnSQ7XNlqza7z5VNAm8Wq7NYy8Y67u7SfR13RUh2ozPyTDEP5%2Bm5JfTEabnRaLb8lue6VeZTr%2BrXG1Va8xv1tl9v1Ft%2BA1ZmkPbSVOq2zMnLl%2F5AJHNy5bdPENAjWHUEJi%2BDJh5oOm5WXdDNsd9ysR3%2B0NNc2E0aKcloLAfaVgKluzbScYXpPrjOEMUlxFvOrjojL0w39dIvPgQ7Xvh57p1o%2FHgOzGSITIaP5U8EXXVvfFOnZO%2BmTi15uBbFsi%2B3abHFWzGNxeUHH4itVBu%2Bcs2Ovn6XFUCRHt4WNr5OQy7DriXfLErOhVnWhgny%2FYrdEMF6YjcXExMm0fX1peWVfmSEtVKHE1B5svY3mMxJ6dXnpvf51MmbkGYCk2ToJ8dkZpD6CCzagY2OFx68eHjFe%2B13WE1g1EVPEJWQJtnYVIOLTyUJlLioaZDB%2FqsOLvJdew9dUwKN706vcmAyDFQGqkawydw4jszxwqMvC%2FsKgSqNA2VKe4Ey6vOcvFK6U7gbhfvofNJWnpbrni9aQavJOA8E416zWmvVXLfKud9sC6%2BN2ObsyZOlfwAAAP%2F%2FAQAA%2F%2F%2F24V1nhgQAAA%3D%3D HTTP/1.1
Host: castcloudywhereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828419; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d56aeba3b7b1c7d8f2fc63af019cde23
Strict-Transport-Security: max-age=0; includeSubdomains
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230206&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230206&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14771), with no line terminators
Hash b08bcebc1601635d58200ff313d4709e
56f9a8962f267cbc20924bfc59d683a68a973973
d17f4d922409aaf8036676adc824d9bd2862fc9c33bee3ce33b78b4141945144
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230206&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Tue, 07 Feb 2023 23:44:04 GMT
server: cafe
content-length: 11149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 080db7257d0f7a743cb7a4fe4feb98c3
2a9ad662d542644edb3a419afef47919ee972c2c
ce6a934b34b879a5a817e316b4e71c3fea6a08ea252f2b971a8aad87dc2a1778
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 23:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b317d1ec3f151d7348a57c62f689a6ef
1fe7df7bc019e321f82943119fae230b0126258d
8fc767ad26c25f2f3b37af2517babae85f1a274b54cca3db1df4c80e939fd50f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FC767AD26C25F2F3B37AF2517BABAE85F1A274B54CCA3DB1DF4C80E939FD50F"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3285
Expires: Wed, 08 Feb 2023 00:38:49 GMT
Date: Tue, 07 Feb 2023 23:44:04 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 66fa0b95b3b1d96c88440eb0efe90905
20ae82de776a99a9554a5cc1991dccde3d40e0cd
cdc4cce67c893083dc982d08171b140983e41048b357818cfa766ddc2558a5a3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CDC4CCE67C893083DC982D08171B140983E41048B357818CFA766DDC2558A5A3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3048
Expires: Wed, 08 Feb 2023 00:34:52 GMT
Date: Tue, 07 Feb 2023 23:44:04 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
200 OK 591 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: image/png
content-length: 591
last-modified: Tue, 21 Sep 2021 12:03:43 GMT
etag: "6149ca1f-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5595655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dowuogqyXBjwENtrjzlqLyauruoe%2FgGd2LtfqLsGo98UfrFt3Pbl181tFTgwQbtfs2ylYOq%2BDoXuhRUcT9cr2qe7duUgv5tlpTm1DyJgMj60m0o3di60ujPhGxRWM5Hfrl2PtP4Wjhr1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795ffdce5a3a23de-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/d3/d1/b3/d3d1b3933aa7b496d9e1204be72308b2/1672873426.png
200 OK 74 kB URL HTTP/2 cdn.cloudimagesb.com/si/d3/d1/b3/d3d1b3933aa7b496d9e1204be72308b2/1672873426.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7745eafaf9d9341680983b7119a94c16
4a85313147bf037da8082ae012d69a15ee88c0a6
a4abad4524a2df3f925df666a99925cd36cd19487a53427ba05771fca458caf9
GET /si/d3/d1/b3/d3d1b3933aa7b496d9e1204be72308b2/1672873426.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: image/png
content-length: 74291
server: nginx/1.17.6
last-modified: Wed, 04 Jan 2023 23:03:54 GMT
etag: "63b605da-12233"
expires: Thu, 09 Feb 2023 23:44:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 66fa0b95b3b1d96c88440eb0efe90905
20ae82de776a99a9554a5cc1991dccde3d40e0cd
cdc4cce67c893083dc982d08171b140983e41048b357818cfa766ddc2558a5a3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CDC4CCE67C893083DC982D08171B140983E41048B357818CFA766DDC2558A5A3"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3048
Expires: Wed, 08 Feb 2023 00:34:52 GMT
Date: Tue, 07 Feb 2023 23:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32f2303686dd97bd505c717191db295e
ec7f36c2f8416458cac98eee989c51c7f880c747
8f093240519e2239d7c63c9236cb862fe2483d9f641c2beb99287b71d69c789e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F093240519E2239D7C63C9236CB862FE2483D9F641C2BEB99287B71D69C789E"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2486
Expires: Wed, 08 Feb 2023 00:25:31 GMT
Date: Tue, 07 Feb 2023 23:44:05 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 13:09:06 GMT
expires: Wed, 07 Feb 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 38099
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 178925
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d1468da720a64e8e2b17ae83903c3540&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d1468da720a64e8e2b17ae83903c3540&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d1468da720a64e8e2b17ae83903c3540&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4f7abbeee6b195f0be3be24ae88d078
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
200 OK 970 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP
Hash 5fc54b6fd8436d7cbb8844df20d2e769
46d6813bfd7ef63eebfb2f6dfa78ad732e31bf9b
080d0c305d46b80393293775d77b8aeb6c62aa2e30cea8399efae54ace2a95f4
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:05 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:03:42 GMT
etag: W/"6149ca1e-d31"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89iv2XYms9HEz3j%2FKAR36%2Fj1sIOnk2L%2FqQbvqqH6IRmWF3OvgCkd0rdmww7zEfEIwIx4Al2fM0G87nz2T9%2FN5byed5l2ELeWbBMEvHVU%2BjVVlqWHuKNspHeuZC%2BL0wtvDZklBGE%2F0dAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795ffdce2a1023de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=dd914f20462bc30d8e37d7b4eb23a40b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=dd914f20462bc30d8e37d7b4eb23a40b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=aee4ccd9-e4ce-4d93-88fc-6f17c8d489ab&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=dd914f20462bc30d8e37d7b4eb23a40b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 23:44:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 79f489af883f490138e9264357d77824
Strict-Transport-Security: max-age=0; includeSubdomains
pistolsizehoe.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 pistolsizehoe.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: pistolsizehoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Cookie: u_pl=17828521; uid_id2=f41147c1-9816-48be-9f57-e966eb287685:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 07 Feb 2023 23:44:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:03:44 GMT
etag: W/"6149ca20-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5595655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdBtTof6HWZ%2F3XMnEIUmmATto3TWdl9t%2F%2BcTlqxsRhyWVNqGVaC9PniCVU8YZl4eJByzeekJgCXeByrUdhNzirCCL9PWrbGN%2FC6BLwjrda6qGjVMVwHTYSpuMmLywS%2FMr2R8K%2FDEKcyH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795ffdce6a3e23de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:05 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:03:44 GMT
etag: W/"6149ca20-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWoxM7vP4lgWIP%2BCIrHI9NOw2cAED%2FE3u%2F3zpDZfiORb6%2B79Noz7HvkvMrLveD4wJT5bA9EE5kf%2F3MnC9Sv1xk8har77sB62B3UitZRSHdSg6ehtqkAqjJZ8a3tF6o%2BmWUN8ENOGz217"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795ffdceeac023de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Feb 2023 23:44:02 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+247; expires=Thu, 06-Feb-2025 23:44:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kodeshaplicativos.blogspot.com
Connection: keep-alive
Referer: https://kodeshaplicativos.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 23:44:04 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 08 Feb 2023 00:44:04 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 23:44:04 GMT
date: Tue, 07 Feb 2023 23:44:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
142.250.74.1
93.184.220.29
104.17.24.14
23.36.76.226
3.120.47.42