r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10674
Expires: Thu, 08 Dec 2022 11:51:09 GMT
Date: Thu, 08 Dec 2022 08:53:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16114
Expires: Thu, 08 Dec 2022 13:21:49 GMT
Date: Thu, 08 Dec 2022 08:53:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c3470f9f0a4df8c1496b577fa9435ff6
f83b0226bb57ed0f3e1acdad61b940414add135d
f542579e3a3577a646babde862282c2afda6ed784360a915143216100f7a3d91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6781
Expires: Thu, 08 Dec 2022 10:46:16 GMT
Date: Thu, 08 Dec 2022 08:53:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 08:08:09 GMT
content-type: application/json
age: 2706
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: z16uTmVmcuFNDiXN9BkCBY1j7nW6D7HvgHAJRuJdwClt/sWNLrjoHoM4PDEXEldVdv1AGEbaY5w=
x-amz-request-id: 4RH1MW63VP2RJKMQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:49:43 GMT
age: 212
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:53:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
filmsulpc.blogspot.com/search/label/fantascientifico
172.217.21.161200 OK 28 kB URL HTTP/1.1 filmsulpc.blogspot.com/search/label/fantascientifico
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7568)
Hash 7ab2eb4ecfd442f827f9606555f7174c
55fcc4557296a610f7babd7ef31a7f900cad8e69
139d496e29898faf3e827f1703d3eeb73acdbb48b7f13d0f722a8f14c0dffee9
Analyzer Verdict Alert fortinet Malware
GET /search/label/fantascientifico HTTP/1.1
Host: filmsulpc.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 08 Dec 2022 08:53:15 GMT
Date: Thu, 08 Dec 2022 08:53:15 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 10 Dec 2021 08:03:06 GMT
ETag: W/"2ad08dd11da544632e5235c409d38f5a47234b70ff8451643111d1b7fbaa2044"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 27778
Server: GSE
fonts.googleapis.com/css?family=PT+Sans+Narrow
142.250.74.106200 OK 443 B URL HTTP/1.1 fonts.googleapis.com/css?family=PT+Sans+Narrow
IP 142.250.74.106:0
Hash ce499cfe3701b283d83f97fd8ab16c2a
469f62d47c86cce56a055fc53c7c46c53859c183
0d8010aab11b4ff53221993814f6f574d7b93f808e3d1de74b7326c58b724fe7
GET /css?family=PT+Sans+Narrow HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 08 Dec 2022 08:53:15 GMT
Date: Thu, 08 Dec 2022 08:53:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.170:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 09:59:49 GMT
Expires: Wed, 06 Dec 2023 09:59:49 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 168806
fonts.googleapis.com/css?family=Oswald
142.250.74.106200 OK 495 B URL HTTP/1.1 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.106:0
Hash a4a32d3d207b2c021587e24e97d9a668
7eba49938cae3f0f1a7204f8ea5c1e24c21397df
2b5c3cdc80fd6a3c61185c1667e7a0fef0d1ce49066bafe2da8cdeba79301933
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 08 Dec 2022 08:53:15 GMT
Date: Thu, 08 Dec 2022 08:53:15 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 142.250.74.170:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 14:10:09 GMT
Expires: Wed, 06 Dec 2023 14:10:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 153786
filmsulpc.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 filmsulpc.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: filmsulpc.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/search/label/fantascientifico
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 08 Dec 2022 08:53:15 GMT
Expires: Thu, 15 Dec 2022 08:53:15 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 07 Dec 2022 20:54:14 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/jsapi?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png
216.58.207.228301 Moved Permanently 328 B URL HTTP/2 www.google.com/jsapi?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 68acd79fb29a50516db07ecd4b01edcd
de587579f4f375a7b159776e461fae51181a10b6
aedd47bf40cad1275ae61bb7cb387f75dfadb5e41f0fcedbbd0366ff6aafcd14
GET /jsapi?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/charts/loader.js?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png
x-content-type-options: nosniff
server: sffe
content-length: 328
x-xss-protection: 0
date: Thu, 08 Dec 2022 08:41:18 GMT
expires: Thu, 08 Dec 2022 09:11:18 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 154292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/aH4QJR2.gif
151.101.84.193301 Moved Permanently 0 B IP 151.101.84.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aH4QJR2.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/aH4QJR2.gif
Accept-Ranges: bytes
Date: Thu, 08 Dec 2022 08:53:15 GMT
X-Served-By: cache-bma1659-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1670489596.987343,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
www.blogger.com/static/v1/widgets/3222695235-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3222695235-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 9f2f688aec73940034a0266a2a6266da
af9875c8064027204827b311250191c87e55366e
a78a0cfbae13cfc525657e31c2033d5c0281c5fbec2cf3e493ff75a7e097a02a
GET /static/v1/widgets/3222695235-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56718
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 02:14:06 GMT
expires: Thu, 07 Dec 2023 02:14:06 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 00:52:16 GMT
content-type: text/javascript
age: 110349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Thu, 08 Dec 2022 08:13:35 GMT
Expires: Thu, 08 Dec 2022 10:13:35 GMT
Cache-Control: public, max-age=7200
Age: 2381
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
i.imgur.com/aH4QJR2.gif
151.101.84.193200 OK 4.5 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 154 x 49\012- data
Hash 9a0abf576d53fb617f3ff0661cbe6c8a
fc97fc15a6a0b92077d37087cceeaa96b908e6b8
56f27756aedc8a829e1f1862d0eee439eb65459a0b8c24372774fbc41cbfb672
GET /aH4QJR2.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filmsulpc.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 24 Jun 2013 18:15:47 GMT
etag: "9a0abf576d53fb617f3ff0661cbe6c8a"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 08 Dec 2022 08:53:16 GMT
age: 3053650
x-served-by: cache-iad-kjyo7100069-IAD, cache-bma1682-BMA
x-cache: HIT, HIT
x-cache-hits: 60, 1
x-timer: S1670489596.074427,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4454
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4b1c4d797d1d2fef94993a69a7cb423a
d4d0f3b2eccd29dddef0f1ec51309de97c6c05a4
d2f98268392005d93b5bce9c019c360400b09ac369fc8e8cbc1edba7ed6d929d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a938af990a97b9856e1174d11c72cbf7
b57716fd0ea9a1e9e0a0595ff593f939560c0abf
6ab769333b231097d077edfbc1c3fc9560de5ae9bfeb5b8360dea8b7fadbcb44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-77g2TSd56zs/UbITlflC7GI/AAAAAAAAAM8/KUbrcPCVfWc/s1600/aviz_pre_estreno.png
142.250.74.161200 OK 6.8 kB URL HTTP/1.1 3.bp.blogspot.com/-77g2TSd56zs/UbITlflC7GI/AAAAAAAAAM8/KUbrcPCVfWc/s1600/aviz_pre_estreno.png
IP 142.250.74.161:0
File type PNG image data, 620 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash 30313ff7e354d225ae3334258ac36cf9
b32ffbed5f7777916277a924d9089e6206e295ce
f3b00f1ebaaf7f1815ee18b762f99bd90588bed8c7b891db100142ebc35f9cca
GET /-77g2TSd56zs/UbITlflC7GI/AAAAAAAAAM8/KUbrcPCVfWc/s1600/aviz_pre_estreno.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vcf"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="aviz_pre_estreno.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 6829
X-XSS-Protection: 0
www.gstatic.com/charts/loader.js?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png
142.250.74.35200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png
IP 142.250.74.35:0
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js?key=ABQIAAAAlQIoliUVPjZwD8UDgw_U3RTUhB4JyH-ajz-fA9t4yePPPdGAfRTC_mtuh6Iq1MLEipD0I2rCi30Png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filmsulpc.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 08:08:08 GMT
expires: Thu, 08 Dec 2022 09:08:08 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 2708
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-jSaCj1eVLcE/Udsvpn1R3cI/AAAAAAAAAbc/umOP1-FM75I/w72-h72-p-k-no-nu/filmsulpc.jpg
142.250.74.161200 OK 3.6 kB URL HTTP/1.1 2.bp.blogspot.com/-jSaCj1eVLcE/Udsvpn1R3cI/AAAAAAAAAbc/umOP1-FM75I/w72-h72-p-k-no-nu/filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 48143387664f3a702c1f100912b31546
6c32ae8fe6b77af048d839ecf8791d218d1abc54
2d6806d1fba35af098313e56ae21f46792e8539f29608e20175fb864660d640f
GET /-jSaCj1eVLcE/Udsvpn1R3cI/AAAAAAAAAbc/umOP1-FM75I/w72-h72-p-k-no-nu/filmsulpc.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1b8"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="filmsulpc.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 3622
X-XSS-Protection: 0
4.bp.blogspot.com/-mizauE5_jKY/UeHXG58No4I/AAAAAAAAAgA/4dbHqwN8IKw/w72-h72-p-k-no-nu/pian+e+muscoli_filmsulpc.jpg
142.250.74.161200 OK 4.6 kB URL HTTP/1.1 4.bp.blogspot.com/-mizauE5_jKY/UeHXG58No4I/AAAAAAAAAgA/4dbHqwN8IKw/w72-h72-p-k-no-nu/pian+e+muscoli_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5be8cd1b16599dd93a9233820775e0ff
3d936cce8a5dc3fbac97196a68e53745b5352e57
812d624ab5bd7f8f3c277fc7f5f0433ad0bc2e576df57c892aeb57f6d82cdc73
GET /-mizauE5_jKY/UeHXG58No4I/AAAAAAAAAgA/4dbHqwN8IKw/w72-h72-p-k-no-nu/pian+e+muscoli_filmsulpc.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v201"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pian e muscoli_filmsulpc.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 4633
X-XSS-Protection: 0
yllix.com/layer.php?section=General&pub=351313&ga=g&show=1&fp
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/layer.php?section=General&pub=351313&ga=g&show=1&fp
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /layer.php?section=General&pub=351313&ga=g&show=1&fp HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Dec 2022 08:53:16 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/layer.php?section=General&pub=351313&ga=g&show=1&fp
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 08:07:55 GMT
age: 2721
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-ZbAHVjFwMh0/UfKAEQM7UMI/AAAAAAAAAiE/E-9XMe2Je_o/w72-h72-p-k-no-nu/Presa_mortale_Il_nemico_e_tra_noi_2013.jpg
142.250.74.161200 OK 4.8 kB URL HTTP/1.1 3.bp.blogspot.com/-ZbAHVjFwMh0/UfKAEQM7UMI/AAAAAAAAAiE/E-9XMe2Je_o/w72-h72-p-k-no-nu/Presa_mortale_Il_nemico_e_tra_noi_2013.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash df1765b790225a406628f546d74d28ae
eba98f9ad92cb0aa3351c0d7ebd01a3ec2862d64
825bc3948191d848ad71b2e1eda915308106b8fe0e9cf0192fa1919e562c0386
GET /-ZbAHVjFwMh0/UfKAEQM7UMI/AAAAAAAAAiE/E-9XMe2Je_o/w72-h72-p-k-no-nu/Presa_mortale_Il_nemico_e_tra_noi_2013.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v222"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Presa_mortale_Il_nemico_e_tra_noi_2013.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 4751
X-XSS-Protection: 0
2.bp.blogspot.com/-owPXAgx2mf8/UAVcZcCNL3I/AAAAAAAAHqc/H9V2g9h_x94/s1600/search_btn.png
142.250.74.161200 OK 1.7 kB URL HTTP/1.1 2.bp.blogspot.com/-owPXAgx2mf8/UAVcZcCNL3I/AAAAAAAAHqc/H9V2g9h_x94/s1600/search_btn.png
IP 142.250.74.161:0
File type PNG image data, 39 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash a11c73823533035d6c91dfc9170f0ac4
9560185980a5d7170616a8a6d6477c9551ab0f60
345a21941a8544358b9668f04da047a0096a1d30ff8e61cd9fd9ccb008e04ecf
GET /-owPXAgx2mf8/UAVcZcCNL3I/AAAAAAAAHqc/H9V2g9h_x94/s1600/search_btn.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search_btn.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1665
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 05:00:19 GMT
Expires: Fri, 11 Nov 2022 08:59:56 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13977
ETag: "v1ea7"
Content-Type: image/png
4.bp.blogspot.com/-Z-sFKKMPUSA/Ufpw0RGrShI/AAAAAAAAAi4/qz5fN6t71dg/w72-h72-p-k-no-nu/TURBO_poster-ita_filmsulpc.jpg
142.250.74.161200 OK 5.1 kB URL HTTP/1.1 4.bp.blogspot.com/-Z-sFKKMPUSA/Ufpw0RGrShI/AAAAAAAAAi4/qz5fN6t71dg/w72-h72-p-k-no-nu/TURBO_poster-ita_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 6459eaf8d8eddca4925d725cc8d585c8
e4751a3c3b86e877f48f548d1acf56fb6b359c8a
90fc712c5b9d5d0eaf2c21a41d7b4cbd263c641a523fc8e9360bec682714b7f5
GET /-Z-sFKKMPUSA/Ufpw0RGrShI/AAAAAAAAAi4/qz5fN6t71dg/w72-h72-p-k-no-nu/TURBO_poster-ita_filmsulpc.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v22f"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="TURBO_poster-ita_filmsulpc.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 5138
X-XSS-Protection: 0
3.bp.blogspot.com/-q3Q6hWjYZUo/T94HN6VdhHI/AAAAAAAAG58/P-A9JP3CDY4/s1600/search_form.png
142.250.74.161200 OK 420 B URL HTTP/1.1 3.bp.blogspot.com/-q3Q6hWjYZUo/T94HN6VdhHI/AAAAAAAAG58/P-A9JP3CDY4/s1600/search_form.png
IP 142.250.74.161:0
File type PNG image data, 220 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fdd64862b69d56343de97229dd34767
838c51341349398f7900cee91f776dd50b831dfa
fc8d49936bd69ecd14fd86f2e27bc12b9a5b1613af52339bfa133785862785e6
GET /-q3Q6hWjYZUo/T94HN6VdhHI/AAAAAAAAG58/P-A9JP3CDY4/s1600/search_form.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search_form.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 420
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:38:10 GMT
Expires: Sun, 29 May 2022 11:39:04 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 8106
ETag: "v1b9f"
Content-Type: image/png
2.bp.blogspot.com/--oCnLt2mIa0/UAU7jOCzEbI/AAAAAAAAHpc/-LUjJgrwL0Q/s1600/outer.png
142.250.74.161200 OK 216 B URL HTTP/1.1 2.bp.blogspot.com/--oCnLt2mIa0/UAU7jOCzEbI/AAAAAAAAHpc/-LUjJgrwL0Q/s1600/outer.png
IP 142.250.74.161:0
File type PNG image data, 30 x 45, 8-bit grayscale, non-interlaced\012- data
Hash 8c3882f4fbfcdf7ef859bf9843eac526
7bdea39a6bdcc8604d53509fc2d08df9904f24fb
629f3717611c6793ccff58c2a3382396a3065813db3977dba79dca03104cf94d
GET /--oCnLt2mIa0/UAU7jOCzEbI/AAAAAAAAHpc/-LUjJgrwL0Q/s1600/outer.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="outer.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 216
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 05:00:04 GMT
Expires: Sat, 29 Oct 2022 23:48:56 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 13992
ETag: "v1e97"
Content-Type: image/png
1.bp.blogspot.com/-Tg7BikflCm8/T4_x9T1aflI/AAAAAAAAAoo/jV53zVYzVDY/s1600/social+letter.png
142.250.74.161200 OK 6.9 kB URL HTTP/1.1 1.bp.blogspot.com/-Tg7BikflCm8/T4_x9T1aflI/AAAAAAAAAoo/jV53zVYzVDY/s1600/social+letter.png
IP 142.250.74.161:0
File type PNG image data, 125 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash a9ae8a7316c83b92841bcb263446856e
60703b178ee6e5444b98b1f9b9703f1a0320be28
b175ddc4bae9535014b8b6a9307101b55b9ad5695e807c5ec9f2527853fe9c9e
GET /-Tg7BikflCm8/T4_x9T1aflI/AAAAAAAAAoo/jV53zVYzVDY/s1600/social+letter.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="social letter.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 6855
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:19:11 GMT
Expires: Sat, 08 Oct 2022 02:25:59 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 2045
ETag: "v28a"
Content-Type: image/png
3.bp.blogspot.com/-SFH7pfuPOg4/UAVZimY-OuI/AAAAAAAAHqE/MOKZ4nE0EFM/s1600/prev.png
142.250.74.161200 OK 1.4 kB URL HTTP/1.1 3.bp.blogspot.com/-SFH7pfuPOg4/UAVZimY-OuI/AAAAAAAAHqE/MOKZ4nE0EFM/s1600/prev.png
IP 142.250.74.161:0
File type PNG image data, 25 x 330, 8-bit/color RGBA, non-interlaced\012- data
Hash b19638e383d995a6824b7680e95ea302
0074cc2c7ce4c7b58e0314cd8ee10fa215b1f27f
0e5509d89de2a0f2142687afc84d5fbb8a090e1962fb6b679b17e94d70258016
GET /-SFH7pfuPOg4/UAVZimY-OuI/AAAAAAAAHqE/MOKZ4nE0EFM/s1600/prev.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="prev.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1374
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:53:16 GMT
Expires: Thu, 10 Nov 2022 21:48:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1ea1"
Content-Type: image/png
Age: 0
2.bp.blogspot.com/-8ZJsKPGGoqU/UfT_oZaXolI/AAAAAAAAAEE/RvdzGIYKo5s/w72-h72-p-k-no-nu/broken-198x268_filmsulpc.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 2.bp.blogspot.com/-8ZJsKPGGoqU/UfT_oZaXolI/AAAAAAAAAEE/RvdzGIYKo5s/w72-h72-p-k-no-nu/broken-198x268_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 742cfd472774771567c354ee7c461051
995f43e72ff9bf9d36206ddd3ec8ad2febcd5dd7
5b8e2aeae1c40454624ef0c575d333f7fa264d8c4aaa5578fa765ed1af5f7eb9
GET /-8ZJsKPGGoqU/UfT_oZaXolI/AAAAAAAAAEE/RvdzGIYKo5s/w72-h72-p-k-no-nu/broken-198x268_filmsulpc.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v42"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="broken-198x268_filmsulpc.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 4446
X-XSS-Protection: 0
4.bp.blogspot.com/-9bRrrdDwUp0/Ub41G8SAzJI/AAAAAAAAAUo/peOsWB_xhCc/s1600/1.001.png
142.250.74.161200 OK 6.6 kB URL HTTP/1.1 4.bp.blogspot.com/-9bRrrdDwUp0/Ub41G8SAzJI/AAAAAAAAAUo/peOsWB_xhCc/s1600/1.001.png
IP 142.250.74.161:0
File type PNG image data, 275 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash ba44d5f308132512877bdf1daa6f314b
a9d5481cf245cf2ea6db7266c42e47529260bbc3
358b037ca760d493246a3c3b8d4821a9b869c4ccd980286dad42f33fcfaf1593
GET /-9bRrrdDwUp0/Ub41G8SAzJI/AAAAAAAAAUo/peOsWB_xhCc/s1600/1.001.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v14b"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.001.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 6613
X-XSS-Protection: 0
2.bp.blogspot.com/-emoUrh_vyAw/Uebfo7UH9PI/AAAAAAAAADM/5IJqPCw8vto/w72-h72-p-k-no-nu/atlanticrim_filmsulpc.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 2.bp.blogspot.com/-emoUrh_vyAw/Uebfo7UH9PI/AAAAAAAAADM/5IJqPCw8vto/w72-h72-p-k-no-nu/atlanticrim_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash dbdbc965140b496527ded39ce5e83ed7
e9ceaeeb70ccf4ceaf89cdee22204a0ebca6f45b
0bb6260b950b290718ee5ce56421ddd7a8d50ffb17633112402fc88af04e3584
GET /-emoUrh_vyAw/Uebfo7UH9PI/AAAAAAAAADM/5IJqPCw8vto/w72-h72-p-k-no-nu/atlanticrim_filmsulpc.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v34"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="atlanticrim_filmsulpc.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 3790
X-XSS-Protection: 0
3.bp.blogspot.com/-qFafnT97QTQ/Ud8eRk3veII/AAAAAAAAACM/MGV9VTGVTTw/w72-h72-p-k-no-nu/427468_filmsulpc.jpg
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 3.bp.blogspot.com/-qFafnT97QTQ/Ud8eRk3veII/AAAAAAAAACM/MGV9VTGVTTw/w72-h72-p-k-no-nu/427468_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 03a46f09ff8f313c807241ba0967b98a
cb8ac3451f4798e3d1aaac6edbfafed87a840def
deb4223f1727f42811c6491f4a5962d7f540b348040d105f96b39a31ec2f4671
GET /-qFafnT97QTQ/Ud8eRk3veII/AAAAAAAAACM/MGV9VTGVTTw/w72-h72-p-k-no-nu/427468_filmsulpc.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v24"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="427468_filmsulpc.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 3292
X-XSS-Protection: 0
4.bp.blogspot.com/-stwzU55te3A/Ucs3gWXjKlI/AAAAAAAAAYI/JJ88LjhRbZw/s320/Filmsulpc-stream.jpg
142.250.74.161200 OK 12 kB URL HTTP/1.1 4.bp.blogspot.com/-stwzU55te3A/Ucs3gWXjKlI/AAAAAAAAAYI/JJ88LjhRbZw/s320/Filmsulpc-stream.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 214x320, components 3\012- data
Hash fb55ee652cafc41c4f2ede9a96ead992
70458375b34025ce96eb710da9232e040d06f8d0
39f6a8b364e24aee1cd8e829242d7771a4db2357441542f0a75ec73277591a62
GET /-stwzU55te3A/Ucs3gWXjKlI/AAAAAAAAAYI/JJ88LjhRbZw/s320/Filmsulpc-stream.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v183"
Expires: Fri, 09 Dec 2022 08:53:16 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Filmsulpc-stream.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 08 Dec 2022 08:53:16 GMT
Server: fife
Content-Length: 11506
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1257
Cache-Control: max-age=88471
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:16 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:27:47 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.aprolibro.com/wp-content/plugins/wordpress-popup/js/public.min.js?ver=4.2.2
46.8.8.100200 OK 46 B URL HTTP/1.1 www.aprolibro.com/wp-content/plugins/wordpress-popup/js/public.min.js?ver=4.2.2
IP 46.8.8.100:0
Hash d14dbf2cdec790f1e4261288e65005df
2a2b161b415db1ff098f32178d49d8bc7384417f
ba69c7e1eebceee601d8ca99f6d15cc9200fe9fff2c1f632d30866b08df4191a
GET /wp-content/plugins/wordpress-popup/js/public.min.js?ver=4.2.2 HTTP/1.1
Host: www.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Set-Cookie: sv=1; Domain=www.aprolibro.com; Expires=Fri, 08 Dec 2023 08:53:16 GMT; Max-Age=300
Date: Thu, 08 Dec 2022 08:53:16 GMT
Content-Length: 46
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 82078d002109d5bcfdfc6a418cd66af9
a91fe87723c9ea184b53cce259122ffd7d8fe60d
3837351e5e91e3e2a1f824fb463ad3281aea573dd17b5a5a48b19d9f84ffa13d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 08:53:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 21:36:01 GMT
Expires: Tue, 13 Dec 2022 21:36:00 GMT
Etag: "a91fe87723c9ea184b53cce259122ffd7d8fe60d"
Cache-Control: max-age=477163,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776445090c1db51d-OSL
www.aprolibro.com/wp-content/uploads/2015/05/ICON.png
46.8.8.100301 Moved Permanently 61 B URL HTTP/1.1 www.aprolibro.com/wp-content/uploads/2015/05/ICON.png
IP 46.8.8.100:0
File type HTML document, ASCII text
Hash 559c2ea0686e5cc1a63031973bdfdae2
2114a261b8f532c2ff3411bfbc6d468d4f51d824
dd440e3b980b963fd9704cd7f43f632f7ed85adafd8b4d46472586d254b4f124
GET /wp-content/uploads/2015/05/ICON.png HTTP/1.1
Host: www.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: http://ww82.aprolibro.com/
Set-Cookie: sv=1; Domain=www.aprolibro.com; Expires=Fri, 08 Dec 2023 08:53:16 GMT; Max-Age=300
Date: Thu, 08 Dec 2022 08:53:16 GMT
Content-Length: 61
yllix.com/layer.php?section=General&pub=351313&ga=g&show=1&fp
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/layer.php?section=General&pub=351313&ga=g&show=1&fp
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /layer.php?section=General&pub=351313&ga=g&show=1&fp HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filmsulpc.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 08 Dec 2022 08:53:16 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=351313&ga=g&show=1&fp
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: W+X2xLE97U4+q6xkBLUhbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CjuB6qLArgNpPhS/iDK/641OmmQ=
ww82.aprolibro.com/
199.59.243.222200 OK 976 B IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1360), with no line terminators
Hash 18dfffa46bbf86b114bb88ebf587dc13
9173ebf2075d835915fcfa0be179bd852b70b00b
a596ee8265e6becfc68cba90f5f9f1277988d1d090fad6690b7bc1b53c99da5a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://filmsulpc.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 08:53:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=b2058b70-bc22-3606-424e-60caf7259047; expires=Thu, 08-Dec-2022 09:08:16 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_WYADY1+8jAD7HNWXKVgaCicFgSrt+N9/qk1VTy+pdgTCzNlqx8mxbavYZ7AXEwKbRrF7SSq5yysuSawIbVpbrA==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
filmsulpc.blogspot.com/feeds/posts/default?max-results=12&orderby=published&alt=json-in-script&callback=showrecentposts
172.217.21.161200 OK 12 kB URL HTTP/1.1 filmsulpc.blogspot.com/feeds/posts/default?max-results=12&orderby=published&alt=json-in-script&callback=showrecentposts
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (65386)
Hash e317ca70349e05fce908ce7320b981dc
573f5a6f03c30bfada803116fa60dfa03b07f7cf
b06401df034a10762b7e30d1639ef5bb5802e83add310427e2a01247bce53763
GET /feeds/posts/default?max-results=12&orderby=published&alt=json-in-script&callback=showrecentposts HTTP/1.1
Host: filmsulpc.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/search/label/fantascientifico
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"99abe3cae9b90ad3a3ad2edd237456ccf5bc8c119da9204c23a91dad134fd485"
Date: Thu, 08 Dec 2022 08:53:16 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Thu, 08 Dec 2022 08:53:17 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Fri, 10 Dec 2021 08:03:06 GMT
Content-Encoding: gzip
Content-Length: 12201
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-mS_e1X2n4C0/UAVsoWRIPCI/AAAAAAAAHqo/sWfeUOIyX6k/s1600/batas.png
142.250.74.161200 OK 211 B URL HTTP/1.1 2.bp.blogspot.com/-mS_e1X2n4C0/UAVsoWRIPCI/AAAAAAAAHqo/sWfeUOIyX6k/s1600/batas.png
IP 142.250.74.161:0
File type PNG image data, 30 x 2, 8-bit colormap, non-interlaced\012- data
Hash 2c98b80ce5b5ce86c8b750b16bddd11b
98b1dac6586d64432d5e230ca4a78f566b49cf60
0bdbda934515096b6ec1743fbee57179ddd80249d69b10470148b4dc8836bb79
GET /-mS_e1X2n4C0/UAVsoWRIPCI/AAAAAAAAHqo/sWfeUOIyX6k/s1600/batas.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="batas.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 211
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:21:04 GMT
Expires: Wed, 02 Nov 2022 01:44:45 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 1933
ETag: "v1eaa"
Content-Type: image/png
4.bp.blogspot.com/-pFR58sZNzCo/UAVZh9I72lI/AAAAAAAAHp8/JTIiHJfsqHA/s1600/next.png
142.250.74.161200 OK 1.3 kB URL HTTP/1.1 4.bp.blogspot.com/-pFR58sZNzCo/UAVZh9I72lI/AAAAAAAAHp8/JTIiHJfsqHA/s1600/next.png
IP 142.250.74.161:0
File type PNG image data, 25 x 330, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ff59b7c39d6f28c1be59513190529ac
92b4068c8aca759c4690654fac45324bc4dcf867
5b3b8ab5a6e28d32da5672d70814ab71282d43a67c8aed522a3edc64e2c18c6e
GET /-pFR58sZNzCo/UAVZh9I72lI/AAAAAAAAHp8/JTIiHJfsqHA/s1600/next.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="next.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1334
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:45:02 GMT
Expires: Tue, 15 Nov 2022 08:09:26 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 495
ETag: "v1e9f"
Content-Type: image/png
3.bp.blogspot.com/-isErZdr-e3w/T_7Lgjhr5OI/AAAAAAAAHf0/tjJYvmFYxS8/s1600/sliderbg.png
142.250.74.161200 OK 506 B URL HTTP/1.1 3.bp.blogspot.com/-isErZdr-e3w/T_7Lgjhr5OI/AAAAAAAAHf0/tjJYvmFYxS8/s1600/sliderbg.png
IP 142.250.74.161:0
File type PNG image data, 42 x 217, 8-bit/color RGBA, non-interlaced\012- data
Hash 05542661ddf4cdfe684233a753f31a9f
1bf22b59c9f94f8a76101eae5e8c9a56b7dc0908
fffa265b4a817c10fccf7a8467093610de5a0ff314d6784d697c937614998360
GET /-isErZdr-e3w/T_7Lgjhr5OI/AAAAAAAAHf0/tjJYvmFYxS8/s1600/sliderbg.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sliderbg.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 506
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:53:17 GMT
Expires: Tue, 15 Nov 2022 01:44:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1dfd"
Content-Type: image/png
Age: 0
2.bp.blogspot.com/-7BeF7FZiHo0/T6vZzVSzTzI/AAAAAAAABJs/FlrWN7ZRxmk/s1600/drid.gif
142.250.74.161200 OK 852 B URL HTTP/1.1 2.bp.blogspot.com/-7BeF7FZiHo0/T6vZzVSzTzI/AAAAAAAABJs/FlrWN7ZRxmk/s1600/drid.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash a09b8a93c9b9fad6f97ac280ab636ded
08856541f258dbfed19d86d07eb0eb49cd344e58
dced1f45f2ab32d6e1970442929c7f59db63c33826fb3dda0d7a2996617ce9f0
GET /-7BeF7FZiHo0/T6vZzVSzTzI/AAAAAAAABJs/FlrWN7ZRxmk/s1600/drid.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="drid.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 852
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:13:44 GMT
Expires: Sat, 08 Oct 2022 02:26:00 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 2373
ETag: "vb9e"
Content-Type: image/gif
1.bp.blogspot.com/-43EW3Gjakwc/T6vZz6K4N_I/AAAAAAAABJ0/hi2LK0zc4JQ/s1600/listed.gif
142.250.74.161200 OK 855 B URL HTTP/1.1 1.bp.blogspot.com/-43EW3Gjakwc/T6vZz6K4N_I/AAAAAAAABJ0/hi2LK0zc4JQ/s1600/listed.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash 69681a5b022545e1f358d2939b99cc0b
b96d41991b620abdc52d3b95402045b3b0e080a5
31ebc7bdcd5f2910deb75778b6a44e0031449587642f8da3a231b1311c581454
GET /-43EW3Gjakwc/T6vZz6K4N_I/AAAAAAAABJ0/hi2LK0zc4JQ/s1600/listed.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="listed.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 855
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:59:00 GMT
Expires: Wed, 02 Nov 2022 01:42:47 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 6857
ETag: "vb8c"
Content-Type: image/gif
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.35200 OK 9.8 kB URL HTTP/1.1 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://filmsulpc.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 22:31:16 GMT
Expires: Sun, 03 Dec 2023 22:31:16 GMT
Cache-Control: public, max-age=31536000
Age: 382921
Last-Modified: Mon, 18 Jul 2022 19:24:04 GMT
Content-Type: font/woff2
3.bp.blogspot.com/-hVGwzCitmEg/Uegn2W47avI/AAAAAAAAAhE/Vette_pHJBM/s1600/12-years-a-slave-poster_filmsulpc.jpg
142.250.74.161200 OK 15 kB URL HTTP/1.1 3.bp.blogspot.com/-hVGwzCitmEg/Uegn2W47avI/AAAAAAAAAhE/Vette_pHJBM/s1600/12-years-a-slave-poster_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 220x314, components 3\012- data
Hash 391691b2f66f26741e3d3244b34a9c6e
69bf46c35402fe3c0b31cb1b1864fdbf086573b3
c2534ef26064f654c80adb84aff29caaef7137f58b9913d900ff9e4a0bf8055a
GET /-hVGwzCitmEg/Uegn2W47avI/AAAAAAAAAhE/Vette_pHJBM/s1600/12-years-a-slave-poster_filmsulpc.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="12-years-a-slave-poster_filmsulpc.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 14758
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:53:17 GMT
Expires: Fri, 02 Dec 2022 06:05:20 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 0
ETag: "v212"
Content-Type: image/jpeg
1.bp.blogspot.com/-cLxx2J2PZ8w/UgQaYY_nE7I/AAAAAAAAAlQ/1n9PFPvMh_s/s320/drift.jpg
142.250.74.161200 OK 32 kB URL HTTP/1.1 1.bp.blogspot.com/-cLxx2J2PZ8w/UgQaYY_nE7I/AAAAAAAAAlQ/1n9PFPvMh_s/s320/drift.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 238x320, components 3\012- data
Hash 705203592881678a0d0a8cd975e40bd8
ee4cc37cfe69f148cc5f505df38c10bc37f3fb2a
d01f7abe6e501bce76e481b0bc6d31913cd28d604a232bbb404c8ba0e48514ec
GET /-cLxx2J2PZ8w/UgQaYY_nE7I/AAAAAAAAAlQ/1n9PFPvMh_s/s320/drift.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="drift.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 31635
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:53:17 GMT
Expires: Fri, 02 Dec 2022 06:05:20 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 0
ETag: "v255"
Content-Type: image/jpeg
ww82.aprolibro.com/
199.59.243.222200 OK 1.0 kB IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1488), with no line terminators
Hash 3f146aca44aa6cf61012eeebc9871672
bcc53e59f70d24801a243b4ab3c06e5413fc9dd8
4c1dfc1510d2ff7b558f1785bb9de72bdb6df5f969f1c64efa8d15d75556e053
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 08:53:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04; expires=Thu, 08-Dec-2022 09:08:17 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_WYADY1+8jAD7HNWXKVgaCicFgSrt+N9/qk1VTy+pdgTCzNlqx8mxbavYZ7AXEwKbRrF7SSq5yysuSawIbVpbrA==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
4.bp.blogspot.com/-Z-sFKKMPUSA/Ufpw0RGrShI/AAAAAAAAAi4/qz5fN6t71dg/s1600/TURBO_poster-ita_filmsulpc.jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 4.bp.blogspot.com/-Z-sFKKMPUSA/Ufpw0RGrShI/AAAAAAAAAi4/qz5fN6t71dg/s1600/TURBO_poster-ita_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 220x314, components 3\012- data
Hash ed0828ddfb8d4b7dc2f0681961258b86
f41204b928b3a5e3efa7f98c47ebc1890c010ec5
edda45997fe7210bb9827cc03a25d9e20f52b67512d6cd6cbae5660358f4c327
GET /-Z-sFKKMPUSA/Ufpw0RGrShI/AAAAAAAAAi4/qz5fN6t71dg/s1600/TURBO_poster-ita_filmsulpc.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="TURBO_poster-ita_filmsulpc.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 29514
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:53:17 GMT
Expires: Fri, 02 Dec 2022 06:49:24 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v22f"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/--lsrtqT1tQQ/Ufp1hmbCatI/AAAAAAAAAjI/mY-008EH7-A/s320/Battle_Force_2013_filmsulpc.jpg
142.250.74.161200 OK 24 kB URL HTTP/1.1 1.bp.blogspot.com/--lsrtqT1tQQ/Ufp1hmbCatI/AAAAAAAAAjI/mY-008EH7-A/s320/Battle_Force_2013_filmsulpc.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 229x320, components 3\012- data
Hash 1137bc126ccbddfd3ca3f908522d6ae0
50d0d1476779e8824ff54b202fa8a64d9831d9d9
063fa1689776072049271fc8852f433d25adddf476caeca82e2d74819eb7590a
GET /--lsrtqT1tQQ/Ufp1hmbCatI/AAAAAAAAAjI/mY-008EH7-A/s320/Battle_Force_2013_filmsulpc.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Battle_Force_2013_filmsulpc.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 23993
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:53:17 GMT
Expires: Fri, 02 Dec 2022 06:05:20 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v233"
Content-Type: image/jpeg
Age: 0
ww82.aprolibro.com/js/parking.2.100.2.js
199.59.243.222200 OK 22 kB URL HTTP/1.1 ww82.aprolibro.com/js/parking.2.100.2.js
IP 199.59.243.222:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
Analyzer Verdict Alert fortinet Malware
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.aprolibro.com/
Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 08:53:17 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:45:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww82.aprolibro.com/_fd
199.59.243.222200 OK 2.6 kB IP 199.59.243.222:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 6e37e42b1b8ac70d11f82bdb00f7d901
035829507d3f6c8929506b25b763f2b10bafb586
ee92e3cb46bfb963ac8df47d2d058abfa6f7b89ea41784b2487948a1df35bb1c
Analyzer Verdict Alert fortinet Malware
POST /_fd HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.aprolibro.com/
Content-Type: application/json
Origin: http://ww82.aprolibro.com
Connection: keep-alive
Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 08 Dec 2022 08:53:17 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04; expires=Thu, 08-Dec-2022 09:08:17 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww82.aprolibro.com/px.gif?ch=2&rn=8.69094615633584
199.59.243.222200 OK 42 B URL HTTP/1.1 ww82.aprolibro.com/px.gif?ch=2&rn=8.69094615633584
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=8.69094615633584 HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.aprolibro.com/
Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 08:53:17 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww82.aprolibro.com/px.gif?ch=1&rn=8.69094615633584
199.59.243.222200 OK 42 B URL HTTP/1.1 ww82.aprolibro.com/px.gif?ch=1&rn=8.69094615633584
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=8.69094615633584 HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.aprolibro.com/
Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 08:53:17 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 08:53:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 08:53:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 08:53:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43fdc85bfd574fa803f0bcdc216ef622
27f558d5cdc150a50f080c054423500666b63d74
fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2DHUS5fGT4uoPPdjDXmHUOQVF93ULtO4zSHRmrx7KMu3lO0y0K9ag==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:24:13 GMT
age: 37744
etag: "27f558d5cdc150a50f080c054423500666b63d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cbd333b74ebe10e77c1bdf1fec0269
bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8
7c868974824cef2f1a08c4500d10490fbaa8515984391b822c70a5009ad8c225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51f870bb-e67d-4a93-bab0-cf574561a496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 79861560-2468-4c0a-afd8-800d1e6d6814
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4A5EbzIAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d2-0b1efe0b006b8b0b2f69870b;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OInz4Evmbh2Z4PL2ogGsw6iOF9I-u-KhBhAsHHiA46CuHcqHo2Z34A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:07 GMT
age: 38410
etag: "bbcfa6a3ae98d5e3f4ffd3b0d6ee6934c7ca33a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Thu, 08 Dec 2022 10:18:09 GMT
Date: Thu, 08 Dec 2022 08:53:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 74520
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww82.aprolibro.com/favicon.ico
199.59.243.222200 OK 0 B URL HTTP/1.1 ww82.aprolibro.com/favicon.ico
IP 199.59.243.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww82.aprolibro.com/
Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 08:53:17 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-225.ec2.internal
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 33465
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bdf4703f3372054a7aadce1cb0e11bd0
84d060f66accd412503d52c385ee47cb35795c07
c5853b653ee328e567e2456be12450e04c1704ed64fb6234f008532e4b6c8363
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9367069b-64ab-4e4d-b8c9-fa115e0681a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3744
x-amzn-requestid: 73eab74b-e50c-46d1-adde-3ef85fb772f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlj7FDiIAMFmsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb618-70ffb1925e3a9ef6081d1cd1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mNqZM4645fF2zaqXJgT68q_xIbg2tvE1KaqK1P2LzC307rl4OTZ33Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:58:04 GMT
age: 39313
etag: "84d060f66accd412503d52c385ee47cb35795c07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
age: 38393
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww82.aprolibro.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
142.250.74.34200 OK 242 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww82.aprolibro.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie
IP 142.250.74.34:0
File type ASCII text, with very long lines (366), with no line terminators
Hash aa442bb0713770959595fae2f5b26531
d8d88ac49fcf2eca47ac4b26c02f4606671a9093
8829477b25d66aa830e11606b20eeb4dc27851a603c1c49247da6679a0e60ce3
GET /gampad/cookie.js?domain=ww82.aprolibro.com&client=dp-bodis31_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww82.aprolibro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 08 Dec 2022 08:53:17 GMT
server: cafe
cache-control: private
content-length: 242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 18cc322e73c8b494d8f43b0922588f04
e328ef83b8b4735aa93cd68ab1eb850f16c10c81
4f8f8fa8fd32fb03501eedd8474a922a448744d0464844314923ba1672c995bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
216.58.207.225200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
IP 216.58.207.225:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash ab1acb76dd408583614a7a6cedf41866
e2d2d7074479023d37474ab62755b658d22d4ab1
8622edbe2503910e3cbeecef073a09e662fd2507436c3aabf885d155afd96565
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 13:28:10 GMT
expires: Thu, 08 Dec 2022 12:28:10 GMT
cache-control: public, max-age=82800
age: 69908
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Michroma&display=swap
142.250.74.106200 OK 558 B URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP 142.250.74.106:0
File type ASCII text, with very long lines (306)
Hash ba06b3d2c9dfa2aa0cde34fd0ff2ee49
1f7b16ee7fb21187a747b5a6fecba489ec14c2a1
d43ae852a5161dd503e4eb912ffd5ac3e9632a68f9e11150679b03a26c0a77f2
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 08:53:18 GMT
date: Thu, 08 Dec 2022 08:53:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 402cbe860d64ae2e13145e34cbc7889c
7af4691dc306b7583365b9ff2ead0c1f6db017c5
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa
GET /s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:00:54 GMT
expires: Wed, 06 Dec 2023 22:00:54 GMT
cache-control: public, max-age=31536000
age: 125544
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a5c2a2d50893431367319c3eb5fd0bc
c076b77d1c599d2711a212258ffd5dc4eca82925
0c98da58e2abb90a770dbd9d97277cd8836fb79fc15aace4a95d1fb5ee4c1db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 08:53:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww82.aprolibro.com/_tr
199.59.243.222200 OK 22 B IP 199.59.243.222:0
File type ASCII text, with no line terminators
Hash 5cfde9b47de2d84bd26fc473632647c0
fd53c70631b6068328be57daec71bd94bf004d41
47fd05ef74fef5da03fa22483e63fc977cad8e026ae41dadbbcc3745907f306b
Analyzer Verdict Alert fortinet Malware
POST /_tr HTTP/1.1
Host: ww82.aprolibro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.aprolibro.com/
Content-Type: application/json
Origin: http://ww82.aprolibro.com
Content-Length: 2169
Connection: keep-alive
Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04; __gsas=ID=797942322b4cd6e9:T=1670489597:S=ALNI_MY5UG-dlMCS6HchKXMGY4RI_kz-HA
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 08 Dec 2022 08:53:18 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=7ea1784f-f7ea-8acf-2ca5-4aeb51436f04; expires=Thu, 08-Dec-2022 09:08:18 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
filmsulpc.blogspot.com/search/label/indicator.gif
172.217.21.161200 OK 0 B URL HTTP/1.1 filmsulpc.blogspot.com/search/label/indicator.gif
IP 172.217.21.161:0
GET /search/label/indicator.gif HTTP/1.1
Host: filmsulpc.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://filmsulpc.blogspot.com/search/label/fantascientifico
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 08 Dec 2022 08:53:16 GMT
Date: Thu, 08 Dec 2022 08:53:16 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 10 Dec 2021 08:03:06 GMT
ETag: W/"2ad08dd11da544632e5235c409d38f5a47234b70ff8451643111d1b7fbaa2044"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 24595
Server: GSE
yllix.com/warn.php?section=General&pub=351313&ga=g&show=1&fp
185.66.200.224200 OK 0 B URL HTTP/2 yllix.com/warn.php?section=General&pub=351313&ga=g&show=1&fp
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
GET /warn.php?section=General&pub=351313&ga=g&show=1&fp HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://filmsulpc.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 08:53:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
216.58.207.228200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 216.58.207.228:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww82.aprolibro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 08 Dec 2022 08:53:17 GMT
expires: Thu, 08 Dec 2022 08:53:17 GMT
cache-control: private, max-age=3600
etag: "13012075086301908205"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2