cristoferideas.blogspot.com/2023/02/ver-video-por-hay-no-dany.html?m=1
172.217.21.161301 Moved Permanently 215 B URL HTTP/1.1 cristoferideas.blogspot.com/2023/02/ver-video-por-hay-no-dany.html?m=1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9e1c8393b3f7929bc5bd6113479a03b1
b4e81efd99a0fb2ceb5447fe2893e69724619bf6
187689926e56e81c48273154e1bbfb85b0299ad49f70ad6d833b6d1cafdd62ef
GET /2023/02/ver-video-por-hay-no-dany.html?m=1 HTTP/1.1
Host: cristoferideas.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://cristoferideas.blogspot.com/2023/02/ver-video-por-hay-no-dany.html?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 21:10:28 GMT
Expires: Sun, 05 Feb 2023 21:10:28 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 215
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3856
Expires: Sun, 05 Feb 2023 22:14:44 GMT
Date: Sun, 05 Feb 2023 21:10:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7907
Expires: Sun, 05 Feb 2023 23:22:15 GMT
Date: Sun, 05 Feb 2023 21:10:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 20:36:22 GMT
content-type: application/json
age: 2046
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3518
Expires: Sun, 05 Feb 2023 22:09:06 GMT
Date: Sun, 05 Feb 2023 21:10:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hWGVNg/9d/ZTeQIhKr7PIVf1Y6jn1dvPPLEJUokur7S5gIIK3m/4J4Ea30zygNrpsFXtTtVQ1x8=
x-amz-request-id: GT39G9J55D7KVF96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 20:24:38 GMT
age: 2750
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 728b0e450f36f363294871aee5a68d2f
a19d5eb6fffe1b76d71ae8b1b1027897f53f2bb5
6d29f8f75af08ee1b5bea80558e9883bc69c555b53bd4f465c6ca30f4213c5c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 21:10:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 20:49:07 GMT
age: 1282
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7366
Expires: Sun, 05 Feb 2023 23:13:15 GMT
Date: Sun, 05 Feb 2023 21:10:29 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.213.75101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4vWGeOdoV0u7oxHJ4HepdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xsgZbzfZS/qYTsnZ/yMlwJkvKJE=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 728b0e450f36f363294871aee5a68d2f
a19d5eb6fffe1b76d71ae8b1b1027897f53f2bb5
6d29f8f75af08ee1b5bea80558e9883bc69c555b53bd4f465c6ca30f4213c5c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cristoferideas.blogspot.com/2023/02/ver-video-por-hay-no-dany.html?m=1
172.217.21.161200 OK 25 kB URL HTTP/2 cristoferideas.blogspot.com/2023/02/ver-video-por-hay-no-dany.html?m=1
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30272)
Hash e1200791da35da0d5bf78489388c6388
38fb979adea388b3a04afd708b11907155fb7b62
3a76ab9d3fbe33a690e596721838a570df15c0673180c32159dfab68c479a78d
GET /2023/02/ver-video-por-hay-no-dany.html?m=1 HTTP/1.1
Host: cristoferideas.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 Feb 2023 21:10:29 GMT
date: Sun, 05 Feb 2023 21:10:29 GMT
cache-control: private, max-age=0
last-modified: Sun, 05 Feb 2023 19:02:11 GMT
etag: W/"54c1b74d8337fc75444a593f710fc14f8983ddd77514e5dfdb28162c665eef33"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 24615
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-hroWP5PDx-w/XT3h2s0xMLI/AAAAAAAAEDk/iBbeT96r5ZoEQed1DbkL-oZd1oGBGokRgCLcBGAs/w30-h30-p-k-no-nu/anon-default.png
142.250.74.161200 OK 570 B URL HTTP/2 2.bp.blogspot.com/-hroWP5PDx-w/XT3h2s0xMLI/AAAAAAAAEDk/iBbeT96r5ZoEQed1DbkL-oZd1oGBGokRgCLcBGAs/w30-h30-p-k-no-nu/anon-default.png
IP 142.250.74.161:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash e23f04c3ba6a8fee9d22812975c9a1f4
233bc34f82a7c5a4d331adc13bbf35f65b2819ba
f88d331cc1cabb8f086ab8eb4fcdb5367075e560e601f6593f981a3e861481f1
GET /-hroWP5PDx-w/XT3h2s0xMLI/AAAAAAAAEDk/iBbeT96r5ZoEQed1DbkL-oZd1oGBGokRgCLcBGAs/w30-h30-p-k-no-nu/anon-default.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="anon-default.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 570
x-xss-protection: 0
date: Sun, 05 Feb 2023 20:24:09 GMT
expires: Sat, 28 Jan 2023 02:54:26 GMT
cache-control: public, max-age=86400, no-transform
age: 2780
etag: "v103a"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/gh/zkreations/whale@1.5.5/dist/js/whale.min.js
151.101.65.229200 OK 1.7 kB URL HTTP/2 cdn.jsdelivr.net/gh/zkreations/whale@1.5.5/dist/js/whale.min.js
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (4578)
Hash b9e83ef3fb00766ba4d44b7212bd5802
6201e9eddd596a2e58f4c255cea01fab848e9053
6de3bac436e2adccb192543f96c99231d9132ab6ec7e2805b717179257550b20
GET /gh/zkreations/whale@1.5.5/dist/js/whale.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.5.5
x-jsd-version-type: version
etag: W/"1292-OzBTAUnbqR2LSELmWVwqGXwy4zo"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:10:29 GMT
age: 5780486
x-served-by: cache-fra-eddf8230074-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1720
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-5VKP3T5D4P
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-5VKP3T5D4P
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 957fa7a8e12378f779197bace1e2d7b0
fba708fe15994423d4fd813d321dc95ec894acd3
dc3ebfb398d1028e4f585c79acf6c7b8d6e116283900658eca58708162ec1c07
GET /gtag/js?id=G-5VKP3T5D4P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 21:10:30 GMT
expires: Sun, 05 Feb 2023 21:10:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxM.woff
142.250.74.35200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxM.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 20268, version 1.1\012- data
Hash 60fa3c0614b8fb2f394fa29944c21540
42c8ae79841c592a26633f10ee9a26c75bcf9273
c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684
GET /s/roboto/v19/KFOmCnqEu92Fr1Mu4mxM.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 11:35:01 GMT
expires: Fri, 02 Feb 2024 11:35:01 GMT
cache-control: public, max-age=31536000
age: 293729
last-modified: Mon, 25 Mar 2019 20:12:00 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v16/TK3hWkUHHAIjg75-6hwTus9E.woff
142.250.74.35200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v16/TK3hWkUHHAIjg75-6hwTus9E.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 19252, version 1.1\012- data
Hash deebf8fc5d31111f3144d0c6373143cc
de3d7eeae3f962bb34948a2490082a103c5aad27
4850faf26ff351b712c9a457ef24a8bfd74ab4ace46108b4047190c709638c3e
GET /s/oswald/v16/TK3hWkUHHAIjg75-6hwTus9E.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19252
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:55:59 GMT
expires: Sat, 03 Feb 2024 02:55:59 GMT
cache-control: public, max-age=31536000
age: 238471
last-modified: Tue, 07 Nov 2017 15:18:34 GMT
content-type: font/woff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eswhik.github.io/button-modal/config.xml
185.199.109.153200 OK 105 B URL HTTP/2 eswhik.github.io/button-modal/config.xml
IP 185.199.109.153:0
File type HTML document, ASCII text
Hash c764f0a32209effd6baf39b3de6b563a
8f2fb8bcb88411190497483435f8c4904b3a7d63
a4554562ea5a9adacf0320bbf83cbb43955bc39b48b8a76ca46a2a69c2559cdc
GET /button-modal/config.xml HTTP/1.1
Host: eswhik.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/xml
permissions-policy: interest-cohort=()
last-modified: Tue, 17 May 2022 05:20:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "6283309e-69"
expires: Sun, 05 Feb 2023 17:33:51 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 5BAE:E0E7:12B84B:135E82:63DFE627
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:10:30 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675631430.973681,VS0,VE103
vary: Accept-Encoding
x-fastly-request-id: bbeb3a163b9f7e53d40151e2d97a9c2c29a03a09
content-length: 105
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (3642)
Hash 8ea26ca513afa3378c6661cc939b3909
9052d341d4b9f4ff256e467f8ea3227dc9a7667e
58d8ed5d0b4a14e90120e2499cabb40b8bbf3a9accb19c4f6b06454ab982d1c7
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Feb 2023 21:10:30 GMT
expires: Sun, 05 Feb 2023 21:10:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 150612375020769767
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50026
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 1375d6c9acf639e67f96b2573a33130e
fd545a0fbaaed9b0da0b174dc7d8e6c88acfad6c
a21664928bf5859ccc4a14593f44408d110aee990816b7757a56f814b4f30b87
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:10:30 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "77B188DAEDE7099518E033786F842556CBCF09BD"
Expires: Mon, 06 Feb 2023 08:00:00 GMT
Last-Modified: Sun, 05 Feb 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 215
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794ea2160dc60b02-OSL
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 413725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d95b0b7ade00634f7f9db1d3412976a
fa3fd5ae750579c8cba75c486f4f450f9036fee6
39a4778239e3b143c74a21b55f611070b2a5e1ce9c197185a0c236cdc169e1c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39A4778239E3B143C74A21B55F611070B2A5E1CE9C197185A0C236CDC169E1C4"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3363
Expires: Sun, 05 Feb 2023 22:06:33 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 05 Feb 2023 20:22:18 GMT
expires: Sun, 19 Feb 2023 20:22:18 GMT
cache-control: public, max-age=1209600
age: 2892
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-5VKP3T5D4P>m=45je3210&_p=648407070&cid=956064639.1675631472&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675631472&sct=1&seg=0&dl=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&dt=VER%20VIDEO%20POR%20HAY%20NO%20DANY&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-5VKP3T5D4P>m=45je3210&_p=648407070&cid=956064639.1675631472&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675631472&sct=1&seg=0&dl=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&dt=VER%20VIDEO%20POR%20HAY%20NO%20DANY&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5VKP3T5D4P>m=45je3210&_p=648407070&cid=956064639.1675631472&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675631472&sct=1&seg=0&dl=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&dt=VER%20VIDEO%20POR%20HAY%20NO%20DANY&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cristoferideas.blogspot.com
date: Sun, 05 Feb 2023 21:10:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 53cba227a97b6edccc1a1e1b60f417fe
3cd263f0f0ebec4a15b3082f9506c6d5c975289e
cffd01187e8ae3eda0f5798217846ac1261cd6eb22ae095af61727f789662513
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFFD01187E8AE3EDA0F5798217846AC1261CD6EB22AE095AF61727F789662513"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9660
Expires: Sun, 05 Feb 2023 23:51:30 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgToCJvy2_7IGes-ONJpqFiAM7t643N7C9c_gJCzUHWsmAqaR7GwjKIYm0w78rJyluh2j0IvOh-Pf45GTibVBsYMxVvbbVYhe2PNG4gMGCMD5J8YPSMt_3RyQh2dlJ7VK55QehA7afRv8VvXRJNijLREIRNQg1Uw4O-OunQK3omHcVjv2fxr3AcPjjY/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png
142.250.74.97200 OK 11 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgToCJvy2_7IGes-ONJpqFiAM7t643N7C9c_gJCzUHWsmAqaR7GwjKIYm0w78rJyluh2j0IvOh-Pf45GTibVBsYMxVvbbVYhe2PNG4gMGCMD5J8YPSMt_3RyQh2dlJ7VK55QehA7afRv8VvXRJNijLREIRNQg1Uw4O-OunQK3omHcVjv2fxr3AcPjjY/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png
IP 142.250.74.97:0
File type PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash da2b7bd2a764988ce25eecc2350b5a28
5f01559b398ca356bd819d42a54f13c0d4451e2b
a5efdbcb4c6f3c9d8f7b7b7a159e86ba7492cf57952e156ab5b2a193080f411f
GET /img/b/R29vZ2xl/AVvXsEgToCJvy2_7IGes-ONJpqFiAM7t643N7C9c_gJCzUHWsmAqaR7GwjKIYm0w78rJyluh2j0IvOh-Pf45GTibVBsYMxVvbbVYhe2PNG4gMGCMD5J8YPSMt_3RyQh2dlJ7VK55QehA7afRv8VvXRJNijLREIRNQg1Uw4O-OunQK3omHcVjv2fxr3AcPjjY/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v58f"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Preparatoria Reuni_n Ideas Foto Collage (370 _ 247_px) (444 _ 250_px) (640 _ 360_px) (28).png";filename*=UTF-8''Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 10887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.effectivecreativeformat.com/61f260f5b6f4113faddb2b93ac98b7ca/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/61f260f5b6f4113faddb2b93ac98b7ca/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26974), with no line terminators
Hash 237d734bdaaba33f27a53cf78353f5fe
046c643b4e6527e94ba775a1d385808c2103714e
1586c05aa370f005ca01322cd187302a3d975604c2572f45b99c3e273f6c2c2e
Analyzer Verdict Alert quad9 Sinkholed
GET /61f260f5b6f4113faddb2b93ac98b7ca/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bbcb9df17a8f36a2380fc8bb2eb6341
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnriAejZiZaxCRwWodMj4pXd2JUcqHszAEmEewBdV30GegCJUSH8CJcGjsv7jHW-FPhpTK9bWug-_nEdi-JjEoiA8I6ciTsZQBQ90CESGB9kFQh_h1uPWe6t7mEddGyvYC0t6yen-elVC3gvubnFFRBacZ7R75enS4g1s4hj_NCYKLjqfigeXD8j-3/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(32).png
142.250.74.97200 OK 14 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnriAejZiZaxCRwWodMj4pXd2JUcqHszAEmEewBdV30GegCJUSH8CJcGjsv7jHW-FPhpTK9bWug-_nEdi-JjEoiA8I6ciTsZQBQ90CESGB9kFQh_h1uPWe6t7mEddGyvYC0t6yen-elVC3gvubnFFRBacZ7R75enS4g1s4hj_NCYKLjqfigeXD8j-3/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(32).png
IP 142.250.74.97:0
File type PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash bd62217349bcdb3d8221bfb428a5c691
9e85496033f4f7ee0a4d19208f0647df6b317538
9aa9f8f76c69224a2605f4bb650bf555c9210f6dfebfa435b86eda1f71f5fb66
GET /img/b/R29vZ2xl/AVvXsEhnriAejZiZaxCRwWodMj4pXd2JUcqHszAEmEewBdV30GegCJUSH8CJcGjsv7jHW-FPhpTK9bWug-_nEdi-JjEoiA8I6ciTsZQBQ90CESGB9kFQh_h1uPWe6t7mEddGyvYC0t6yen-elVC3gvubnFFRBacZ7R75enS4g1s4hj_NCYKLjqfigeXD8j-3/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(32).png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v547"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Preparatoria Reuni_n Ideas Foto Collage (370 _ 247_px) (444 _ 250_px) (640 _ 360_px) (32).png";filename*=UTF-8''Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(32).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 13927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhr83Y5bdbumx9prP0RmuSWtESOKcb5VrS5OwNNoz58AXsQYZOSGiG2LEAYiuDM9CB-vOll8CWEjzQ2_S8xuntiMKXZt0LeKPLzF2nwBB1jeRgBrBYh-IKJVAi0CXSLHCFC6OsSoCQAGVxW1wHCH3s8CyxYCt8GJsiUk-ytaJh-rOHD8mVnLThmb4JN/w80-h80-p-k-no-nu/fortnite.webp
142.250.74.97200 OK 5.4 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhr83Y5bdbumx9prP0RmuSWtESOKcb5VrS5OwNNoz58AXsQYZOSGiG2LEAYiuDM9CB-vOll8CWEjzQ2_S8xuntiMKXZt0LeKPLzF2nwBB1jeRgBrBYh-IKJVAi0CXSLHCFC6OsSoCQAGVxW1wHCH3s8CyxYCt8GJsiUk-ytaJh-rOHD8mVnLThmb4JN/w80-h80-p-k-no-nu/fortnite.webp
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 80x80, components 3\012- data
Hash a5f41d0f3888f78a85d2da13e13e6f45
450e90730ea860a165a42421fb3ab2c4d50db613
f9bd0b4fcb3dca0a0015288f5a5049663e4e952e97c60dd65f7a24170aa35470
GET /img/b/R29vZ2xl/AVvXsEhr83Y5bdbumx9prP0RmuSWtESOKcb5VrS5OwNNoz58AXsQYZOSGiG2LEAYiuDM9CB-vOll8CWEjzQ2_S8xuntiMKXZt0LeKPLzF2nwBB1jeRgBrBYh-IKJVAi0CXSLHCFC6OsSoCQAGVxW1wHCH3s8CyxYCt8GJsiUk-ytaJh-rOHD8mVnLThmb4JN/w80-h80-p-k-no-nu/fortnite.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v42f"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fortnite.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 5354
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d85a52a6f96da59010dc4aef95c24b6d
9e6472e7398d275d976e42fe5eaa6d555146d5bd
3dca4e3f16c9147034ad26ebcb1ab8b175f12ec93697b5d749f383220d0d9069
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/a/AVvXsEgevTDg4fUGDJ6BdT44J77CS4f0aSTdGpOuUJWaKbrHkAQww2_jRu_r1dWJrTMZ-98CFdcGW-Iwap49uYVh77MfiM8Z6FPrT7s_v5gyGm1RrSem1cLbh9wmqMtKed465nwIKTKp8SckSrNo4CLnccHcjJmj-s4fj5FqpTSfx7JogMJIsMvUkxT_rPlN=s1280
142.250.74.97200 OK 170 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgevTDg4fUGDJ6BdT44J77CS4f0aSTdGpOuUJWaKbrHkAQww2_jRu_r1dWJrTMZ-98CFdcGW-Iwap49uYVh77MfiM8Z6FPrT7s_v5gyGm1RrSem1cLbh9wmqMtKed465nwIKTKp8SckSrNo4CLnccHcjJmj-s4fj5FqpTSfx7JogMJIsMvUkxT_rPlN=s1280
IP 142.250.74.97:0
File type GIF image data, version 89a, 1200 x 200\012- data
Size 170 kB (169997 bytes)
Hash 15de86334ac2a139fd3c6fbdc5ae59aa
04694b6594c66221a57df88c9bf5ed0d9551d6ed
df12a825794bae5c90a1ac6adce831b026f10cb0481888e24efd289925df0f30
GET /img/a/AVvXsEgevTDg4fUGDJ6BdT44J77CS4f0aSTdGpOuUJWaKbrHkAQww2_jRu_r1dWJrTMZ-98CFdcGW-Iwap49uYVh77MfiM8Z6FPrT7s_v5gyGm1RrSem1cLbh9wmqMtKed465nwIKTKp8SckSrNo4CLnccHcjJmj-s4fj5FqpTSfx7JogMJIsMvUkxT_rPlN=s1280 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5a9"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Sin t_tulo (1139 _ 293_px) (1200 _ 200_px) (3).gif";filename*=UTF-8''Sin%20t%C3%ADtulo%20(1139%20%C3%97%20293%C2%A0px)%20(1200%20%C3%97%20200%C2%A0px)%20(3).gif
content-type: image/gif
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 169997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=cristoferideas.blogspot.com&callback=_gfp_s_&client=ca-pub-7147741353493354
216.58.207.226200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=cristoferideas.blogspot.com&callback=_gfp_s_&client=ca-pub-7147741353493354
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 4547d9f2f75ee868b873eb4093f1b46c
41bfce437c5630b2c28bad6a39e38444ae69cf03
96a4c9642dfe0bd1b4d6cd33c739b229efe2663d74651b02559f76848f5247f2
GET /gampad/cookie.js?domain=cristoferideas.blogspot.com&callback=_gfp_s_&client=ca-pub-7147741353493354 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 21:10:30 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=cristoferideas.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cristoferideas.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cristoferideas.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 21:10:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pl18240566.highcpmrevenuenetwork.com/0b/42/0d/0b420db0bd48258fce77e643564fb064.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 pl18240566.highcpmrevenuenetwork.com/0b/42/0d/0b420db0bd48258fce77e643564fb064.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37134), with no line terminators
Hash f3a8900d7a480fcdc37d1a81d342329a
179e03642acd7e97153da79cf36619ad2d4d38b1
95bffe29ea0a50bd95b389c55dc24c19be97e7436c238b87a71ff0f469ec3b21
Analyzer Verdict Alert quad9 Sinkholed
GET /0b/42/0d/0b420db0bd48258fce77e643564fb064.js HTTP/1.1
Host: pl18240566.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74e83af61d3bc3b5653cbdcbbabb4dd9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8A.woff
142.250.74.35200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8A.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 18936, version 1.1\012- data
Hash ca70f49a133f08485bd05d5cb28ef8b7
9029570f276ed6b7d2895ced7175f958fb6c1c5f
a7a4038c6fbb19ba522819188aed0ff204d80e19223b1cab388a290a8d5e47fe
GET /s/oswald/v16/TK3iWkUHHAIjg752GT8A.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:45:57 GMT
expires: Tue, 30 Jan 2024 18:45:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Nov 2017 15:18:46 GMT
content-type: font/woff
age: 527073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc-.woff
142.250.74.35200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc-.woff
IP 142.250.74.35:0
File type Web Open Font Format, TrueType, length 20464, version 1.1\012- data
Hash 87284894879f5b1c229cb49c8ff6decc
fb1bd3baf122d5d350eb387f0536c20da71f09df
ba98f991d002c6bfaaf7b874652ffdcde9261a86925db87df3ed2861ea080adf
GET /s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc-.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 00:41:26 GMT
expires: Wed, 31 Jan 2024 00:41:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:14:10 GMT
content-type: font/woff
age: 505744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=cristoferideas.blogspot.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cristoferideas.blogspot.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cristoferideas.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 21:10:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.effectivecreativeformat.com/f442aae2ae67ed5c16af59e36236b0cd/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/f442aae2ae67ed5c16af59e36236b0cd/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 7e8048e53ca626bf925df1736874d9fa
07b0da656cb854c6410f733a84a081a8f64001bc
993210a85bea70f3d16a941ba89bfa2695c2452d401c5245cf2eb54455c9b78d
Analyzer Verdict Alert quad9 Sinkholed
GET /f442aae2ae67ed5c16af59e36236b0cd/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8a866b9b3cfe688f09b4f8a5a3d4655c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d85a52a6f96da59010dc4aef95c24b6d
9e6472e7398d275d976e42fe5eaa6d555146d5bd
3dca4e3f16c9147034ad26ebcb1ab8b175f12ec93697b5d749f383220d0d9069
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgggdXO4SqqUpWNtTVvjz1VSXolwBxozmbShjzdZzRidblEXOCEBux4xzQgUZT48kNwPtoVdjcGTIOCHmIqV57IqYfFEH3qyBShBP7yxa0unxxjPceP5ZbGmDzot_AWvoM_re49c3r0mG4Nfq1Vf5TixO5WcaKbfwLaO7MfkeeKsYFejk8MB4MqMY3u/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(3).png
142.250.74.97200 OK 13 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgggdXO4SqqUpWNtTVvjz1VSXolwBxozmbShjzdZzRidblEXOCEBux4xzQgUZT48kNwPtoVdjcGTIOCHmIqV57IqYfFEH3qyBShBP7yxa0unxxjPceP5ZbGmDzot_AWvoM_re49c3r0mG4Nfq1Vf5TixO5WcaKbfwLaO7MfkeeKsYFejk8MB4MqMY3u/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(3).png
IP 142.250.74.97:0
File type PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash 02a236b03851a32fcb1ef664b96e4e23
3bbcd216c181b3d9f8998464efc0016e0fccae7c
9e7d1b640f2bd4efe0615898e4643c8bdd771373a435b718768d70b24322d974
GET /img/b/R29vZ2xl/AVvXsEgggdXO4SqqUpWNtTVvjz1VSXolwBxozmbShjzdZzRidblEXOCEBux4xzQgUZT48kNwPtoVdjcGTIOCHmIqV57IqYfFEH3qyBShBP7yxa0unxxjPceP5ZbGmDzot_AWvoM_re49c3r0mG4Nfq1Vf5TixO5WcaKbfwLaO7MfkeeKsYFejk8MB4MqMY3u/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(3).png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v51d"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Preparatoria Reuni_n Ideas Foto Collage (370 _ 247_px) (444 _ 250_px) (640 _ 360_px) (3).png";filename*=UTF-8''Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(3).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 13387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSGEO-nlMOEMhsFWVW5bcDQ3ZKA1NKQkKsXbvBp6A4XV-rEK7yDsJZi19Ffkr2hGjCL_Z2kUfUw7ok-JVmQRStGELNLra4ndbq1-_jP6I6C1a6tOpUxIyK3xW-ialQrwsesTe39EdnLMWVOsRKXUXNB0k6NABJbWKOIDhL-It-HeKCMvLRiw9G13LH/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(44).png
142.250.74.97200 OK 14 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSGEO-nlMOEMhsFWVW5bcDQ3ZKA1NKQkKsXbvBp6A4XV-rEK7yDsJZi19Ffkr2hGjCL_Z2kUfUw7ok-JVmQRStGELNLra4ndbq1-_jP6I6C1a6tOpUxIyK3xW-ialQrwsesTe39EdnLMWVOsRKXUXNB0k6NABJbWKOIDhL-It-HeKCMvLRiw9G13LH/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(44).png
IP 142.250.74.97:0
File type PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced\012- data
Hash 7e54fdd31fdaae8e598c6ed786cdb596
1fc514dfe9c579273fa895854b406a116f3e9f65
189dee0e2f58d910dd0b50a2bc6975eee3a1a3a0ab0db837fc6022975c4096db
GET /img/b/R29vZ2xl/AVvXsEiSGEO-nlMOEMhsFWVW5bcDQ3ZKA1NKQkKsXbvBp6A4XV-rEK7yDsJZi19Ffkr2hGjCL_Z2kUfUw7ok-JVmQRStGELNLra4ndbq1-_jP6I6C1a6tOpUxIyK3xW-ialQrwsesTe39EdnLMWVOsRKXUXNB0k6NABJbWKOIDhL-It-HeKCMvLRiw9G13LH/w80-h80-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(44).png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5b7"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Preparatoria Reuni_n Ideas Foto Collage (370 _ 247_px) (444 _ 250_px) (640 _ 360_px) (44).png";filename*=UTF-8''Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(44).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 13633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 21:10:30 GMT
Last-Modified: Sun, 05 Feb 2023 20:14:56 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rtLjj5zbs4IObi1REV5VOAtU7KwpuG5pHUIcknYLZdVsUbRCJn0zAg==
Age: 3334
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX9oZHyJCAL-3y3mHsdUDnk4MBMM6nIaw9TACX7BeMG1PCLAO0EI1-igioEozYuRrEs2Jwjgxxg3XvDUh7VO0HMYfL-4WD1bDqDBBh45_t4Qip7vXcqezICpBmlGw0f38BF-QxzyvUixKw2atl9rA2noenDexuQIMm1laBPqx3SFxD48kYibb8pcLA/w591-h332/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(43).png
142.250.74.97200 OK 122 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX9oZHyJCAL-3y3mHsdUDnk4MBMM6nIaw9TACX7BeMG1PCLAO0EI1-igioEozYuRrEs2Jwjgxxg3XvDUh7VO0HMYfL-4WD1bDqDBBh45_t4Qip7vXcqezICpBmlGw0f38BF-QxzyvUixKw2atl9rA2noenDexuQIMm1laBPqx3SFxD48kYibb8pcLA/w591-h332/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(43).png
IP 142.250.74.97:0
File type PNG image data, 591 x 332, 8-bit/color RGB, non-interlaced\012- data
Size 122 kB (121989 bytes)
Hash ee29fbda45572c7dd5fd55c81839a23c
152670c7e28c771b533bdfdaf9b1c859aa7a003c
90af794359bdce2841b12c9d92b2a676623a26ec5061ec15c89ebad9d3b15e79
GET /img/b/R29vZ2xl/AVvXsEjX9oZHyJCAL-3y3mHsdUDnk4MBMM6nIaw9TACX7BeMG1PCLAO0EI1-igioEozYuRrEs2Jwjgxxg3XvDUh7VO0HMYfL-4WD1bDqDBBh45_t4Qip7vXcqezICpBmlGw0f38BF-QxzyvUixKw2atl9rA2noenDexuQIMm1laBPqx3SFxD48kYibb8pcLA/w591-h332/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(43).png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5b5"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Preparatoria Reuni_n Ideas Foto Collage (370 _ 247_px) (444 _ 250_px) (640 _ 360_px) (43).png";filename*=UTF-8''Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(43).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 121989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 1a7b0a7607167c0fecefce7248bd1c9e
5503f5e194e3701d1ff594400cc1786ee0a96b86
a2e450eda8b3048455c0effdaf23b9556d58a42539af1335ff4227e6e0a6d0b0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cristoferideas.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa:2:1; expires=Wed, 02 Feb 2033 21:10:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 61073b9ba1e687d0509b9b1d5679f0f8
26d5fd7041407374966257e8a262be40ae3208a3
fc01dcc95c8f5b30b2344fc7090cff1d9b1223273278c81450e2efbb96590395
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cristoferideas.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=cb646b7c-4801-44a1-8bcc-da7380bed95c:1:1; expires=Wed, 02 Feb 2033 21:10:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgToCJvy2_7IGes-ONJpqFiAM7t643N7C9c_gJCzUHWsmAqaR7GwjKIYm0w78rJyluh2j0IvOh-Pf45GTibVBsYMxVvbbVYhe2PNG4gMGCMD5J8YPSMt_3RyQh2dlJ7VK55QehA7afRv8VvXRJNijLREIRNQg1Uw4O-OunQK3omHcVjv2fxr3AcPjjY/w300-h168-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png
142.250.74.97200 OK 38 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgToCJvy2_7IGes-ONJpqFiAM7t643N7C9c_gJCzUHWsmAqaR7GwjKIYm0w78rJyluh2j0IvOh-Pf45GTibVBsYMxVvbbVYhe2PNG4gMGCMD5J8YPSMt_3RyQh2dlJ7VK55QehA7afRv8VvXRJNijLREIRNQg1Uw4O-OunQK3omHcVjv2fxr3AcPjjY/w300-h168-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png
IP 142.250.74.97:0
File type PNG image data, 300 x 168, 8-bit/color RGB, non-interlaced\012- data
Hash c326f293ffd352bcddb5682968fca043
f2b9b6749f9d947c28583f917e7f097b909e371f
314804fafb121a539673dbe6aa397db3e3e7eeb281ea37c507f502eec86a0bfb
GET /img/b/R29vZ2xl/AVvXsEgToCJvy2_7IGes-ONJpqFiAM7t643N7C9c_gJCzUHWsmAqaR7GwjKIYm0w78rJyluh2j0IvOh-Pf45GTibVBsYMxVvbbVYhe2PNG4gMGCMD5J8YPSMt_3RyQh2dlJ7VK55QehA7afRv8VvXRJNijLREIRNQg1Uw4O-OunQK3omHcVjv2fxr3AcPjjY/w300-h168-p-k-no-nu/Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v58f"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Preparatoria Reuni_n Ideas Foto Collage (370 _ 247_px) (444 _ 250_px) (640 _ 360_px) (28).png";filename*=UTF-8''Preparatoria%20Reuni%C3%B3n%20Ideas%20Foto%20Collage%20(370%20%C3%97%20247%C2%A0px)%20(444%20%C3%97%20250%C2%A0px)%20(640%20%C3%97%20360%C2%A0px)%20(28).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 38067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7966
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7966
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7966
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7966
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7966
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 82704
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 82725
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:53:51 GMT
age: 22599
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 82772
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 63022
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 84411
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=1907748361348140688&zx=8fb2620e-580d-4aa2-9188-4255a9c64560
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1907748361348140688&zx=8fb2620e-580d-4aa2-9188-4255a9c64560
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1907748361348140688&zx=8fb2620e-580d-4aa2-9188-4255a9c64560 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 05 Feb 2023 21:10:30 GMT
last-modified: Sun, 05 Feb 2023 21:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd1b8b25bb474958fe86b70d2c3f4f1e
5f566247079fade9c07b785c7878965f06d60f87
2562617404134600a16ab198d0f8b0be313437752ea3dd8a1c1be81fb7152dde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2562617404134600A16AB198D0F8B0BE313437752EA3DD8A1C1BE81FB7152DDE"
Last-Modified: Sun, 05 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19144
Expires: Mon, 06 Feb 2023 02:29:34 GMT
Date: Sun, 05 Feb 2023 21:10:30 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8ffb30f5ba1a43ee6ef26e0d4a885f7f
a22732f20a69a28346302970ce7ca25b15a6f04b
08f20a6236cff43cfc1678d9827bd5b10bae8e71796f50eff7c2a2edc9fa4a15
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 09:33:14 GMT
Expires: Sun, 12 Feb 2023 09:33:13 GMT
Etag: "a22732f20a69a28346302970ce7ca25b15a6f04b"
Cache-Control: max-age=562361,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ea21b99feb4f1-OSL
residentshove.com/95/88/6c/95886cc94faea130a699ae23788f16b4.js
192.243.59.12200 OK 29 kB URL HTTP/1.1 residentshove.com/95/88/6c/95886cc94faea130a699ae23788f16b4.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f9d87858161527ade7e93fc04e96151d
7122c360177aa8b15858f49b48b2bbed4ca41ee5
ede1195e3dffef0dea2cd1575f3fb1684693ffc042bbd782c59faa9d6a29dc24
Analyzer Verdict Alert quad9 Sinkholed
GET /95/88/6c/95886cc94faea130a699ae23788f16b4.js HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7bd3678d3d99a01a9e1d7038f614a340
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
residentshove.com/watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 residentshove.com/watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1 HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cristoferideas.blogspot.com
Access-Control-Allow-Origin: https://cristoferideas.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://residentshove.com/watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1&shu=2dadb71b251359112cc2ffdc7cdaaa62314910bfde3cb0e271f22723b199ba641a904d52e3492ae3e681f7766e3a862773363a81e0fc32fed6011fdb0da359cbb155529222bea7aeccc0cbdfff29c7f7d6ce616e&pst=1675631491&rmtc=t
Set-Cookie: u_pl=18066747; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODA2Njc0NywiayI6ImY0NDJhYWUyYWU2N2VkNWMxNmFmNTllMzYyMzZiMGNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTE5MjM5LCJwaWQiOjYzMzcwOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJiNjhmODZiOHoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jcmlzdG9mZXJpZGVhcy5ibG9nc3BvdC5jb20vMjAyMy8wMi92ZXItdmlkZW8tcG9yLWhheS1uby1kYW55Lmh0bWw_bT0xIn19.ReY9S39V4V48mqZeP3PFKgPnghqpCU2JICDe-lMOtDE; expires=Sun, 05 Feb 2023 21:11:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 002e9241fde036a1a85ab82a880424b5
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.eswhik.com/drive/api/actualizacion-button-modal
162.0.235.125200 OK 284 B URL HTTP/2 cdn.eswhik.com/drive/api/actualizacion-button-modal
IP 162.0.235.125:0
File type HTML document, ASCII text, with CRLF line terminators
Hash a1adc02b5cc4e8a008c2e63f3d505c6a
37b884adfee67bbae3825f1da8279b6bba2979ab
af6b1b4277b898678175b7530a3c02f2f35c43a75bf73df72e31b91ec861f05c
GET /drive/api/actualizacion-button-modal HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 17 May 2022 04:19:12 GMT
accept-ranges: bytes
content-length: 284
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
residentshove.com/watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 residentshove.com/watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1 HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cristoferideas.blogspot.com
Access-Control-Allow-Origin: https://cristoferideas.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://residentshove.com/watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1&shu=19e4a930b1091bd9414a414cf507270eb12cb0b12351c4ad70e90334594d9c41d7e5193671e0f0a117318f600d186457788119f0bba380043d0ae365ff0d37fd0ba2977753b1c8717d9f5278db3692038127ce79&pst=1675631491&rmtc=t
Set-Cookie: u_pl=18089664; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODA4OTY2NCwiayI6IjYxZjI2MGY1YjZmNDExM2ZhZGRiMmI5M2FjOThiN2NhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTE5MjM5LCJwaWQiOjYzMzcwOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoieWFhd2FzeWYydiIsImNwa3MiOnsgIjI4IjoiOTU4ODZjYzk0ZmFlYTEzMGE2OTlhZTIzNzg4ZjE2YjQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3Jpc3RvZmVyaWRlYXMuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvdmVyLXZpZGVvLXBvci1oYXktbm8tZGFueS5odG1sP209MSJ9fQ.r6gpOSej29EDU7B0oYTRya9fiQWxSNfeAb92PUHpOM0; expires=Sun, 05 Feb 2023 21:11:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 131e4424f8a898248f4b6556eeb48298
Strict-Transport-Security: max-age=0; includeSubdomains
residentshove.com/pixel/purst?dl=0&th=0&sc=0&rs=2820&rd=2820&fd=760&bv=22.10.v.10&tmpl=136
192.243.59.12200 OK 0 B URL HTTP/1.1 residentshove.com/pixel/purst?dl=0&th=0&sc=0&rs=2820&rd=2820&fd=760&bv=22.10.v.10&tmpl=136
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2820&rd=2820&fd=760&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
residentshove.com/watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1&shu=2dadb71b251359112cc2ffdc7cdaaa62314910bfde3cb0e271f22723b199ba641a904d52e3492ae3e681f7766e3a862773363a81e0fc32fed6011fdb0da359cbb155529222bea7aeccc0cbdfff29c7f7d6ce616e&pst=1675631491&rmtc=t
192.243.59.12200 OK 2.1 kB URL HTTP/1.1 residentshove.com/watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1&shu=2dadb71b251359112cc2ffdc7cdaaa62314910bfde3cb0e271f22723b199ba641a904d52e3492ae3e681f7766e3a862773363a81e0fc32fed6011fdb0da359cbb155529222bea7aeccc0cbdfff29c7f7d6ce616e&pst=1675631491&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2605)
Hash 7b2424405c82ecf21980a90a81a06e4d
8f351884e48b70a405f90fc473b34335edd437cf
c31f595dbe39851388e8cffc42f0a1b889fc76b390e0c9e8a5a365a0df9854fc
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1521746730815.js?key=f442aae2ae67ed5c16af59e36236b0cd&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1&shu=2dadb71b251359112cc2ffdc7cdaaa62314910bfde3cb0e271f22723b199ba641a904d52e3492ae3e681f7766e3a862773363a81e0fc32fed6011fdb0da359cbb155529222bea7aeccc0cbdfff29c7f7d6ce616e&pst=1675631491&rmtc=t HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Referer: https://cristoferideas.blogspot.com/
Connection: keep-alive
Cookie: u_pl=18066747; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODA2Njc0NywiayI6ImY0NDJhYWUyYWU2N2VkNWMxNmFmNTllMzYyMzZiMGNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTE5MjM5LCJwaWQiOjYzMzcwOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJiNjhmODZiOHoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jcmlzdG9mZXJpZGVhcy5ibG9nc3BvdC5jb20vMjAyMy8wMi92ZXItdmlkZW8tcG9yLWhheS1uby1kYW55Lmh0bWw_bT0xIn19.ReY9S39V4V48mqZeP3PFKgPnghqpCU2JICDe-lMOtDE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cristoferideas.blogspot.com
Access-Control-Allow-Origin: https://cristoferideas.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cb646b7c-4801-44a1-8bcc-da7380bed95c:1:1; expires=Sun, 12 Feb 2023 21:10:31 GMT; secure; SameSite=None
iprcf5b3229c13d45dd0173d9f2c9198b732=3569806; expires=Mon, 06 Feb 2023 01:10:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 513dbac8d26e96e139ee35f78bdea173
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
residentshove.com/watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1&shu=19e4a930b1091bd9414a414cf507270eb12cb0b12351c4ad70e90334594d9c41d7e5193671e0f0a117318f600d186457788119f0bba380043d0ae365ff0d37fd0ba2977753b1c8717d9f5278db3692038127ce79&pst=1675631491&rmtc=t
192.243.59.12200 OK 2.1 kB URL HTTP/1.1 residentshove.com/watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1&shu=19e4a930b1091bd9414a414cf507270eb12cb0b12351c4ad70e90334594d9c41d7e5193671e0f0a117318f600d186457788119f0bba380043d0ae365ff0d37fd0ba2977753b1c8717d9f5278db3692038127ce79&pst=1675631491&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2612)
Hash 0863f08c212b761916ae142eb41cbcaf
2587447418491b927904646a171a250cb2256ce2
76df4fa48031bdbcca627b20261e06e75064529c92cc3f11cd174995aa9b295e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.268599261383.js?key=61f260f5b6f4113faddb2b93ac98b7ca&kw=%5B%22ver%22%2C%22video%22%2C%22por%22%2C%22hay%22%2C%22no%22%2C%22dany%22%5D&refer=https%3A%2F%2Fcristoferideas.blogspot.com%2F2023%2F02%2Fver-video-por-hay-no-dany.html%3Fm%3D1&tz=0&dev=e&res=12.1055&uuid=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa%3A2%3A1&shu=19e4a930b1091bd9414a414cf507270eb12cb0b12351c4ad70e90334594d9c41d7e5193671e0f0a117318f600d186457788119f0bba380043d0ae365ff0d37fd0ba2977753b1c8717d9f5278db3692038127ce79&pst=1675631491&rmtc=t HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Referer: https://cristoferideas.blogspot.com/
Connection: keep-alive
Cookie: u_pl=18089664; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODA4OTY2NCwiayI6IjYxZjI2MGY1YjZmNDExM2ZhZGRiMmI5M2FjOThiN2NhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTE5MjM5LCJwaWQiOjYzMzcwOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoieWFhd2FzeWYydiIsImNwa3MiOnsgIjI4IjoiOTU4ODZjYzk0ZmFlYTEzMGE2OTlhZTIzNzg4ZjE2YjQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3Jpc3RvZmVyaWRlYXMuYmxvZ3Nwb3QuY29tLzIwMjMvMDIvdmVyLXZpZGVvLXBvci1oYXktbm8tZGFueS5odG1sP209MSJ9fQ.r6gpOSej29EDU7B0oYTRya9fiQWxSNfeAb92PUHpOM0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cristoferideas.blogspot.com
Access-Control-Allow-Origin: https://cristoferideas.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fb4f1818-8660-4cc5-8a44-ec2a1d8d66aa:2:1; expires=Sun, 12 Feb 2023 21:10:31 GMT; secure; SameSite=None
iprcadce8e77f3c8cc2013514f7139f390a5=3570421; expires=Mon, 06 Feb 2023 01:10:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
pdhtkv32=true; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
uncs32=1; expires=Mon, 06 Feb 2023 21:10:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: df2404d4281b3e7f00e25755125056ef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.eswhik.com/drive/api/delete
162.0.235.125200 OK 944 B URL HTTP/2 cdn.eswhik.com/drive/api/delete
IP 162.0.235.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash c1d95d8be30b014842d23fee096d2835
f22f7bd8da47cc0e3bd8d187b55dc537d394f627
14fc7e9e48937ebc6498e393842541e67ae19c28d60edbdf8b79fb60ca142214
GET /drive/api/delete HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Wed, 28 Sep 2022 01:58:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 944
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dee62a2a013d4ee8d946cfdb1f4be459
17d8d9f9e538b311321383f7a26f258730f6fe52
e25753484ff7daa3fe858dcf3173286fe242afd6fd13732f8fc38b7b7940a7ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E25753484FF7DAA3FE858DCF3173286FE242AFD6FD13732F8FC38B7B7940A7CA"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2615
Expires: Sun, 05 Feb 2023 21:54:06 GMT
Date: Sun, 05 Feb 2023 21:10:31 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
45.133.44.9200 OK 25 kB URL HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:31 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Tue, 07 Feb 2023 21:10:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.eswhik.com/npm/theme.js
162.0.235.125200 OK 159 B URL HTTP/2 cdn.eswhik.com/npm/theme.js
IP 162.0.235.125:0
File type ASCII text, with very long lines (313), with no line terminators
Hash b3c9db20345a5c7e20ccef6d0b62e9c3
b88ae075cc9500706e7ef1d772da32d3d9771463
677a68255ca1c200533e5d0899900cce4754232c93a9aff5ef4742d464215271
GET /npm/theme.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:49:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 159
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/api/off-domain.js
162.0.235.125200 OK 299 B URL HTTP/2 cdn.eswhik.com/drive/api/off-domain.js
IP 162.0.235.125:0
File type ASCII text, with very long lines (699), with no line terminators
Hash e2c1a6165169af721356130644aa1c18
92c3bdc46cd862f39fafe6554e1eec1d2934a0b5
2fc4d1ad3af303fc4fed06c875365e3c376c2ab59794b10dcb074fba643c0638
GET /drive/api/off-domain.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: application/javascript
last-modified: Wed, 28 Sep 2022 23:16:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 299
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:31 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Tue, 07 Feb 2023 21:10:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.eswhik.com/npm/tags
162.0.235.125200 OK 299 B IP 162.0.235.125:0
File type HTML document text\012- exported SGML document, ASCII text
Hash 2790f7c93a2509a96e27f5d6e7eb4c12
c2aeaf208823f01d7d1fc7b0754dcd05ebaca78a
dd9f7d7b33f7173a9174365c5cc3e2c74db9f0b5e7e4b5023c756281535f3e2c
GET /npm/tags HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Tue, 18 Oct 2022 18:01:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 299
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
eswhik.github.io/drive/buttons/z1/config
185.199.109.153200 OK 198 B URL HTTP/2 eswhik.github.io/drive/buttons/z1/config
IP 185.199.109.153:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 59001bf34215e3a823a0a5b91ff3f343
cb26fa2c2dc9dafffc3bc47e2d10c318a1293e15
4a03fc9cb073f437d418a3599ac942592c3654fa302461d0436a8a9781ba35ff
GET /drive/buttons/z1/config HTTP/1.1
Host: eswhik.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 24 Nov 2022 16:49:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"637fa09a-17d"
expires: Sun, 05 Feb 2023 05:44:29 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 37F8:0364:1817ADD:21B45F5:63DF3FE4
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:10:31 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675631432.780901,VS0,VE105
vary: Accept-Encoding
x-fastly-request-id: 4660b7a32c103fa6df514e0c4a680f47d7f15023
content-length: 198
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js
162.0.235.125200 OK 30 kB URL HTTP/2 cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js
IP 162.0.235.125:0
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 44dd37c6afbc20e65d5dc29b4b5f47ce
f8043353cd21e586427867d82e09b226be76b642
599856cc40612b446b921375fc1423953f8868c47d2968ea5f71d695cb8ea40c
GET /drive/jquery/jquery-3.5.1.min.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: application/javascript
last-modified: Sat, 16 Apr 2022 00:26:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30274
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
eswhik.github.io/drive/buttons/z1/style.css
185.199.109.153200 OK 816 B URL HTTP/2 eswhik.github.io/drive/buttons/z1/style.css
IP 185.199.109.153:0
File type ASCII text, with CRLF line terminators
Hash 5a7f72608264a4f66e77d97300147370
def7c166ef7c60cb5303864dd367135d0056a46d
c0c2a7c304de6f6fa20362dc7407b23f2310bf48ae18fa938242b0af2cc719f0
GET /drive/buttons/z1/style.css HTTP/1.1
Host: eswhik.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Thu, 24 Nov 2022 16:49:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"637fa09a-1618"
expires: Sun, 05 Feb 2023 17:35:16 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: E7EA:059D:12C3C8:136AE2:63DFE67C
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:10:32 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675631432.168973,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: 8836bd49b4641769e89fa7ad3931bfa283f9e5a5
content-length: 816
X-Firefox-Spdy: h2
eswhik.github.io/drive/buttons/z1/error
185.199.109.153200 OK 23 B URL HTTP/2 eswhik.github.io/drive/buttons/z1/error
IP 185.199.109.153:0
Hash 84ddaf76e9b0621e95f2a5808b51565a
b9f252fb649d1e108702b5f422ddd1b311416cd0
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
GET /drive/buttons/z1/error HTTP/1.1
Host: eswhik.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 24 Nov 2022 16:49:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "637fa09a-17"
expires: Sun, 05 Feb 2023 17:35:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: F8B6:3D41:12BE80:1365DD:63DFE67C
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:10:32 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675631432.170440,VS0,VE103
vary: Accept-Encoding
x-fastly-request-id: 9cc4249b70b4c1cb3f5b7a2849bc3210f785fb72
content-length: 23
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/300x250-cpm.js
162.0.235.125200 OK 791 B URL HTTP/2 cdn.eswhik.com/drive/script/300x250-cpm.js
IP 162.0.235.125:0
File type ASCII text, with CRLF line terminators
Hash c449cd1c79c2fff02402731f6f0dd150
465465168195cced4bea5d81fad14bb13c3cf86b
a452165dcf69f3b793f45e7bd94e792f906373edc90905e75cdc855b69113daf
GET /drive/script/300x250-cpm.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: application/javascript
last-modified: Wed, 27 Apr 2022 02:07:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 791
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/reCAPTCHA/sites
162.0.235.125404 Not Found 1.2 kB URL HTTP/2 cdn.eswhik.com/drive/reCAPTCHA/sites
IP 162.0.235.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /drive/reCAPTCHA/sites HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
162.0.235.125200 OK 270 B URL HTTP/2 cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
IP 162.0.235.125:0
File type HTML document text\012- HTML document, ASCII text
Hash ff7a8d4f6210601b040253cbc3bb8eff
8719fe1ac7c3feb63c4ae73e313b2d785311f96b
31937db8fafbca0b45992129a7d9d1eb67a99b6ff16523b22adaf05c16eddc10
GET /drive/reCAPTCHA/Sistema-Blogger-2.0 HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Tue, 10 May 2022 18:21:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 270
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/api-popunder.js
162.0.235.125200 OK 1.4 kB URL HTTP/2 cdn.eswhik.com/drive/script/api-popunder.js
IP 162.0.235.125:0
File type ASCII text, with CRLF line terminators
Hash a3b6b0e7338136e9dc155b701487abe4
901873702f5858f7b5ec9b433ea3b52032eb4074
5e6d78ac76b3f9b28107d0d7051f080c4a512c0cf555f551715fb4375759caa8
GET /drive/script/api-popunder.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: application/javascript
last-modified: Mon, 02 May 2022 21:30:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1351
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/tags/pregressAdTime
162.0.235.125200 OK 116 B URL HTTP/2 cdn.eswhik.com/drive/tags/pregressAdTime
IP 162.0.235.125:0
File type HTML document, ASCII text
Hash 39b6b6d78abe22e19cec132fa0793f69
fdba2f944e2948f22af5802148f9961ca49438ca
469111dbf570ab84e399effcf946cded45fcff8263e5b86daecd67783d6127ee
GET /drive/tags/pregressAdTime HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Tue, 10 May 2022 01:05:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 116
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/analytics-eswhik
162.0.235.125200 OK 206 B URL HTTP/2 cdn.eswhik.com/analytics-eswhik
IP 162.0.235.125:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 438e80c96e98d5ca4864320cda426a3f
ddb409b840874c913529cba8bd530aee2945c5ef
4484f50a49ec3b723354e916de72b8d147889aa0826f791cea3f677dfbba566c
GET /analytics-eswhik HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Fri, 20 May 2022 20:46:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 206
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/css/Eswhik-CPM-2.0.css
162.0.235.125200 OK 388 B URL HTTP/2 cdn.eswhik.com/drive/css/Eswhik-CPM-2.0.css
IP 162.0.235.125:0
File type ASCII text, with very long lines (504)
Hash 8c85cdd581b276b69afd99331d2023bb
80a0054d8a617dd6bb77f22beec07f8280955ffe
3231e35a8c59ad41d047347b381728491b3f49df28c96abd4bdcc4c81423ee6d
GET /drive/css/Eswhik-CPM-2.0.css HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: text/css
last-modified: Tue, 10 May 2022 17:35:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 388
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/api/api-eswhik-push
162.0.235.125200 OK 290 B URL HTTP/2 cdn.eswhik.com/drive/api/api-eswhik-push
IP 162.0.235.125:0
File type HTML document, ASCII text, with CRLF line terminators
Hash fe7e5f4f0846742d5b4153c14bb3abd3
95e7f62cc5b0802bbc6b59298e1fcc32d354a590
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c
GET /drive/api/api-eswhik-push HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 02 Jun 2022 22:29:22 GMT
accept-ranges: bytes
content-length: 290
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/copyright-eswhik.js
162.0.235.125200 OK 276 B URL HTTP/2 cdn.eswhik.com/drive/script/copyright-eswhik.js
IP 162.0.235.125:0
File type ASCII text, with CRLF line terminators
Hash ec3c82e3bf957076ac8549f481f7f5f6
aedc97d9369b25e04858308d99071f4697cb26c6
6eadfdc9e4fc5d388dc0954a7915cd2ea6c2df5bb37e8c1215ec586e76b217ee
GET /drive/script/copyright-eswhik.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: application/javascript
last-modified: Fri, 03 Jun 2022 22:24:46 GMT
accept-ranges: bytes
content-length: 276
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
162.0.235.125200 OK 299 B URL HTTP/2 cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
IP 162.0.235.125:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 8e4427029309a645bfb5ec77161aac10
0ea7baece09249b5e919282466f7fade2bd0e060
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8
GET /drive/api/api-eswhik-cpm-v2 HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Jun 2022 22:29:28 GMT
accept-ranges: bytes
content-length: 299
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7147741353493354&host=ca-host-pub-1556223355139109
172.217.21.162200 OK 1.1 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7147741353493354&host=ca-host-pub-1556223355139109
IP 172.217.21.162:0
File type ASCII text, with CRLF line terminators
Hash 5710c12167398bf7c019bfd32cd42c9b
4f08c30d2237b37158a62e4696f5d88f1c140841
c33f9aa83e43edc9d5970fa3909b930f5ef683efed2479f698dfbe8f94217fcb
GET /pagead/js/adsbygoogle.js?client=ca-pub-7147741353493354&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Feb 2023 21:10:30 GMT
expires: Sun, 05 Feb 2023 21:10:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6459348346239227523
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js
162.0.235.125200 OK 417 B URL HTTP/2 cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js
IP 162.0.235.125:0
File type ASCII text, with very long lines (1001), with CRLF line terminators
Hash 764dd11e673f50a17c16ca81c878fa8a
b373a7cbbbf189aa5246a22f4a44be6b833fdbde
dc0c6578ffdf2abe7c51982fe561f4b18e0111bd81f1a165327dc213a0f39df0
GET /drive/script/load-scripts-eswhik-premium.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:32 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 22:24:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 417
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/reCAPTCHA/sites
162.0.235.125404 Not Found 1.2 kB URL HTTP/2 cdn.eswhik.com/drive/reCAPTCHA/sites
IP 162.0.235.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /drive/reCAPTCHA/sites HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
142.250.74.164200 OK 578 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (909), with no line terminators
Hash 2672ff05f8bc7eda93c563abfc745b2b
1f034b4ed041dcd30213c216cf9577e33fee586e
cf5c01ee8166251a53f7c12e7e1635df845c491f16217106f35512093cb4d729
GET /recaptcha/api.js?onload=onloadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 05 Feb 2023 21:10:32 GMT
date: Sun, 05 Feb 2023 21:10:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 578
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/css/pregressAdTime.css
162.0.235.125200 OK 2.8 kB URL HTTP/2 cdn.eswhik.com/drive/css/pregressAdTime.css
IP 162.0.235.125:0
File type ASCII text, with very long lines (12077), with no line terminators
Hash a869feb448fa0eb9a2c0e270b88f89e2
d42ef18418c100ef5c4a40180ee5781d01fd3e9e
592a1a91c78bb6c3672d15744de0bca4164c22b0aaea4cd982a32b5122e64c06
GET /drive/css/pregressAdTime.css HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:32 GMT
content-type: text/css
last-modified: Tue, 10 May 2022 00:45:32 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2781
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/progressAd.js
162.0.235.125200 OK 557 B URL HTTP/2 cdn.eswhik.com/drive/script/progressAd.js
IP 162.0.235.125:0
File type ASCII text, with CRLF line terminators
Hash f643d6b458d0a980bc69e3f6e7e6bf7e
0c2a409df73caf3c721c09f4ee217cff385dbbcf
2d59b99ce15e2e2016a97b07f5261c451fdb3fdcf11299b04945e8380a6ab2a3
GET /drive/script/progressAd.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:32 GMT
content-type: application/javascript
last-modified: Mon, 09 May 2022 23:29:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 557
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/ConfigProgressAd.js
162.0.235.125200 OK 251 B URL HTTP/2 cdn.eswhik.com/drive/script/ConfigProgressAd.js
IP 162.0.235.125:0
File type ASCII text, with CRLF line terminators
Hash 2ad94a9e06f0905de0a01a5aa0adb7c6
117416179478d74bce53fc1e5a61d5c6ab167662
02fbe4db5987b0bba1cf4f7360548a31a1ebd000fd945f31c7b1a9a6344923d4
GET /drive/script/ConfigProgressAd.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:32 GMT
content-type: application/javascript
last-modified: Tue, 10 May 2022 01:04:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 251
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/tags/eswhik-push
162.0.235.125200 OK 174 B URL HTTP/2 cdn.eswhik.com/drive/tags/eswhik-push
IP 162.0.235.125:0
File type HTML document, ASCII text
Hash 1bcf4681219f557e1443451ed01d2455
14524f9a56f301f0a1d22ea7b84b2d71c6066c34
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3
GET /drive/tags/eswhik-push HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Thu, 02 Jun 2022 22:28:26 GMT
accept-ranges: bytes
content-length: 174
date: Sun, 05 Feb 2023 21:10:32 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/css/eswhik-push.css
162.0.235.125200 OK 502 B URL HTTP/2 cdn.eswhik.com/drive/css/eswhik-push.css
IP 162.0.235.125:0
File type ASCII text, with very long lines (942), with CRLF line terminators
Hash 787596da45128a86eaa085b129e007a4
d0da35de9cd74f7e3fa2ed14c48ab4011a7c096b
df02029ec4185e0be479153b7ca780d7e4082e6620787c6d12f4d9525092ee76
GET /drive/css/eswhik-push.css HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:33 GMT
content-type: text/css
last-modified: Thu, 02 Jun 2022 22:21:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 502
date: Sun, 05 Feb 2023 21:10:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/script/eswhik-push.js
162.0.235.125200 OK 290 B URL HTTP/2 cdn.eswhik.com/drive/script/eswhik-push.js
IP 162.0.235.125:0
File type ASCII text, with CRLF line terminators
Hash 6d84a7486a3182c4870b8f7cb01deecd
50158c5197b8d0f14f431fdcb4ccd5453d50fe96
9f26a4691ce661d591ad717c0486a05fa4238fc98012ff1fcb78c051e04a36d0
GET /drive/script/eswhik-push.js HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:33 GMT
content-type: application/javascript
last-modified: Fri, 03 Jun 2022 01:15:24 GMT
accept-ranges: bytes
content-length: 290
date: Sun, 05 Feb 2023 21:10:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
162.0.235.125200 OK 108 B URL HTTP/2 cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
IP 162.0.235.125:0
Hash 58056e9bffe02520600fb4ff750a1001
38fd6bb14202d6589ba0676a52f5d115791dbbb7
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1
GET /drive/tags/cpm-script-v2-eswhik HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/xml
last-modified: Fri, 03 Jun 2022 23:04:16 GMT
accept-ranges: bytes
content-length: 108
date: Sun, 05 Feb 2023 21:10:33 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdn.eswhik.com/drive/css/cpm-script-v2-eswhik.css
162.0.235.125200 OK 595 B URL HTTP/2 cdn.eswhik.com/drive/css/cpm-script-v2-eswhik.css
IP 162.0.235.125:0
File type ASCII text, with very long lines (444), with CRLF line terminators
Hash 51e9817046c75da47cb99bab2be42523
fb6c8f3a1d6f75b667611bf4727fa37fd01e727f
5d5a80b8b9a0366721390aef6180206288b9963bd0555d5836c2c842a0fe7f8d
GET /drive/css/cpm-script-v2-eswhik.css HTTP/1.1
Host: cdn.eswhik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 12 Feb 2023 21:10:31 GMT
content-type: text/css
last-modified: Fri, 03 Jun 2022 22:21:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 595
date: Sun, 05 Feb 2023 21:10:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js
104.16.122.175200 OK 22 kB URL HTTP/2 unpkg.com/ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js
IP 104.16.122.175:0
File type ASCII text, with very long lines (3852), with no line terminators
Hash b403d738f1bba07aee51d06e5a88763f
b03b10cf1168041f39838663fb65a6e9dac051ca
212fa9a43f58a4838266abd1b4e421536ad79da63693ff18469084946d82f5c1
GET /ionicons@5.5.2/dist/ionicons/p-5c60b45e.entry.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:33 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"f0c-XGC0Xo+O3L3bEnfKma9bLpz3l0o"
via: 1.1 fly.io
fly-request-id: 01F91M7BVWYD3K3MJPCSRQ97C2
cf-cache-status: HIT
age: 19469210
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ea22b6e550b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 19:45:20 GMT
expires: Sun, 05 Feb 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 5113
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7649
Expires: Sun, 05 Feb 2023 23:18:02 GMT
Date: Sun, 05 Feb 2023 21:10:33 GMT
Connection: keep-alive
unpkg.com/ionicons@5.5.2/dist/ionicons/p-3f680f7e.js
104.16.122.175200 OK 763 B URL HTTP/2 unpkg.com/ionicons@5.5.2/dist/ionicons/p-3f680f7e.js
IP 104.16.122.175:0
File type ASCII text, with very long lines (809), with no line terminators
Hash 1db5fc40c82ef208c02a2599bfe8cb23
7758e5f91809039acec95b067dea3cd9bcf927ae
ee021aeedea85c6d26b2a0c3fe87d9056a074e87874a5a078d8eb646e2525b23
GET /ionicons@5.5.2/dist/ionicons/p-3f680f7e.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:33 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"329-ka9laISJtweBFGezhbjKpn5aTrg"
via: 1.1 fly.io
fly-request-id: 01GQ3YXZSPAP988ZCQSZ6HCM5G-fra
cf-cache-status: HIT
age: 1534826
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ea22bae970b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.0/animate.min.css
104.17.25.14200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.0/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65346)
Hash bdaa141074a3e61380c66ce38213ed91
506dc97ae9500edf923511ecbac1edd85bfcd149
41ebd308b025da8d405615e921d6d0a87931967312fff8487a990c567046cd97
GET /ajax/libs/animate.css/4.1.0/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:33 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb941af-11848"
last-modified: Mon, 11 May 2020 12:14:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1534165
expires: Fri, 26 Jan 2024 21:10:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkGg7rgFbC6WOlESBTt6%2BSmSpzPDMmnov4dR42H%2FfEWl9F4vZ96e%2FVsJMD9vcH0NK4BpoAFG2gc8EFTs0%2B5hiIRa8OJi7vO5e6QrzD5kow9eLY37UCWgdu7zKnDfOtmWVIxTh3Sj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794ea22c1f1eb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2976
Cache-Control: max-age=86648
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:33 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:14:42 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
unpkg.com/ionicons@5.5.2/dist/ionicons/svg/link.svg
104.16.122.175200 OK 869 B URL HTTP/2 unpkg.com/ionicons@5.5.2/dist/ionicons/svg/link.svg
IP 104.16.122.175:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators
Hash f2a69d047d51038ec1767d4ca146a7a3
c5766ebad9c4b53d64b23cefd01b83ce64ad569b
a3b993ce3106a762a05d9d52ac4f4d25c9499133eb0b0c6840a10c7bd6606ba4
GET /ionicons@5.5.2/dist/ionicons/svg/link.svg HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:33 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"12b-Hzvzj70prqPQQpmytEtoN6p2ADo"
via: 1.1 fly.io
fly-request-id: 01GR4V6C43CK8PB4K213JRBCRN-ams
cf-cache-status: HIT
age: 431449
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ea22c1eff0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58c88b34c980fa136e81f2dac9563cd1
f76f7affe7fb2a0243b2da835f45025a73728a44
9e97bb4f9c31760527104c46561ce2c7dc7ece405c660b4f16660c78cc8a892f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E97BB4F9C31760527104C46561CE2C7DC7ECE405C660B4F16660C78CC8A892F"
Last-Modified: Sat, 04 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Mon, 06 Feb 2023 00:08:38 GMT
Date: Sun, 05 Feb 2023 21:10:33 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d78afea3244fcbc9f75d23035d38db9b
fa62310ca27a4e4c48f55da85442925c6c5b033c
47b8b1a427b8fb7aadbacad1efca1920a64999a1939ca5891d542d7b18c779ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "47B8B1A427B8FB7AADBACAD1EFCA1920A64999A1939CA5891D542D7B18C779EE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7648
Expires: Sun, 05 Feb 2023 23:18:02 GMT
Date: Sun, 05 Feb 2023 21:10:34 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.61.225200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:34 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e83f105a70fee2e10818a50ffd23e2cd
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aeeefd2d41311d21e58a79216388b8ec
61b6224aed9721be9b600640073c26f91fe2566b
70abf72a66f3491630ee6d380cd655a33489aa411b1bac80319190f31d2a6295
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70ABF72A66F3491630EE6D380CD655A33489AA411B1BAC80319190F31D2A6295"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19117
Expires: Mon, 06 Feb 2023 02:29:11 GMT
Date: Sun, 05 Feb 2023 21:10:34 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 711bfa565919548ccadd9e9e1ac41792
4ff0e50ab07d187f3e71e30924990461c77f8f04
92d179de98d6fd14807963bae6dae8852197f9fd7e498c3abd98143ff209ca28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:10:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 05 Feb 2023 21:10:34 GMT
expires: Sun, 05 Feb 2023 21:10:34 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
solitudearbitrary.com/sbar.json?key=0b420db0bd48258fce77e643564fb064&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1
192.243.61.227200 OK 3.6 kB URL HTTP/1.1 solitudearbitrary.com/sbar.json?key=0b420db0bd48258fce77e643564fb064&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6256), with no line terminators
Hash 27d089d054b95a0aec8a23635e7be6ed
cdd7f65ff60b2322e622b16a3746fe5145e59246
efbc988497f7972b67db2ef20debcc687108a0678f718726407e8870d6b04be2
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=0b420db0bd48258fce77e643564fb064&uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c%3A1%3A1 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:34 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cristoferideas.blogspot.com
Access-Control-Allow-Origin: https://cristoferideas.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18140067; expires=Mon, 06 Feb 2023 21:10:34 GMT; secure; SameSite=None
uid_id2=cb646b7c-4801-44a1-8bcc-da7380bed95c:1:1; expires=Sun, 12 Feb 2023 21:10:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:10:34 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:10:34 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 06 Feb 2023 21:10:34 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 06 Feb 2023 21:10:34 GMT; secure; SameSite=None
slec0b420db0bd48258fce77e643564fb064=[3952979]; expires=Sun, 05 Feb 2023 21:10:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc65924cf30ab2b21c1d3f10243abf2f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 28722a81dd6194f41bee4e8714bd4af3
181ca47fb7d681257ceae92c3af80ed0f8798088
13d9f4e4a5e2ea847b2593614f3c1cda45bfe22913b3f76dcbefddb50c94b532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13D9F4E4A5E2EA847B2593614F3C1CDA45BFE22913B3F76DCBEFDDB50C94B532"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8107
Expires: Sun, 05 Feb 2023 23:25:41 GMT
Date: Sun, 05 Feb 2023 21:10:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 28722a81dd6194f41bee4e8714bd4af3
181ca47fb7d681257ceae92c3af80ed0f8798088
13d9f4e4a5e2ea847b2593614f3c1cda45bfe22913b3f76dcbefddb50c94b532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13D9F4E4A5E2EA847B2593614F3C1CDA45BFE22913B3F76DCBEFDDB50C94B532"
Last-Modified: Sun, 05 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8107
Expires: Sun, 05 Feb 2023 23:25:41 GMT
Date: Sun, 05 Feb 2023 21:10:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a2b34a5ab39090966561af64d7a5062
61f66d0325867f7d6218de5825e10a2908ce6cbe
7e3806c006494bcdd4e242c64865357f743a5eaac7e366fade7b98251b5c7838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E3806C006494BCDD4E242C64865357F743A5EAAC7E366FADE7B98251B5C7838"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16014
Expires: Mon, 06 Feb 2023 01:37:28 GMT
Date: Sun, 05 Feb 2023 21:10:34 GMT
Connection: keep-alive
solitudearbitrary.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSS4scVRS%2BFceFZKVkIyrUwoWC07nVXf0yQjDGhGjMW7O%2Br%2Bq5zu26xb1VXZ1BYTQgWbY7wYU1X88DTZAE3IkPerKI9Mp2ISM4%2BBMEwbV0T8Pggapzzv3O4vu%2Bcz7bKg4JRcEOrr1nN7Qx7HSzRsNXbutU2tKHV26FEa3RM%2BFtnbbiM%2BFw%2FnOD1yParNFXw4tKrNvTdRpRGtEovKCdSuzw9AKFzh50o1qX1uJ6LWrGGLr%2F974I4FkAOTgkz0HL2dNrvzyCFhOk%2FYfnlV%2FPbfba2%2F3CsNw6DOTe%2B%2Bl6assU%2FeMycQGSdG85DetnhHxxAjbdWyqAHWzPFYDrGQl%2Bj8DTvSVN8MHOEVNuoFJweRLlYAJlJtBsAmHvQstfCSAkrlxF2t%2B9Yl3J7hyhbI7OyMq%2F%2F0CXM7Ly5ymk%2FW%2FPGT0Mb1pT5NqmHsOkgh5OoHsTZMU%2B8o0AutyHyD%2BFlgRpv4KWBy8L3opbvC1W4w6NVuOYRasdLsSqZO1Gh3Ilu02xsEbrCXQygVEjMB%2BgmH86QJEEKLIAfXkQsmY3obSd8KTR6MRCiEZDiGanJZuyEXcSikLMuY%2BQZyMIM4Jwm8jcJtb1CK74GX6tgpcn4PMZCa5%2FjIGsUCqC0hOUjKDUBGVOUA6qHWl83Ve70viCR8tcX%2BZGNbZ5b4vt2LynUrKVHZJn56YFp6ZjrKuDkPK4TiWnXMaderOTCNVuq1bcaLbihNNWDK8raH9iIXVDz0j4wUVkekaeuW%2FA2T682YfQL4IVL4GV43adgq2N4w7FRvq9cNrnNlFOS8V8jRvb85nNa8L2IW2FLF9BfifYMofk%2BcUu37h%2BE0pMz%2F7x1Y%2BDJ991IVyFzFX4UD8m6Jl74xu2JNs3bOnJo6tZrvt6g833fDNnuVr55l11p7ROXjrvR1%2B%2FKebAvHxwS%2Fn8MkulTnue3D%2BnpVTugnVCkR8u%2BduKXyv82rnCpUV2%2BdpbFy71M6e81zadgOkZIZ98BKFn5GSQLm44HB5CuwlcUaFfTMkyoO0%2BRLYJn03PPnEPw8df7sJbAmeOZ3gWoCyqsavz40ejCYw67hmv4NWxCVxNf%2Fr7CNvy99BzAVh%2Bd3G5A1dhYCowM4IvnhrnmZue%2Fa2xCHATjLlxwTY3znx%2BZK7XB6FqJjRRtK540uVJm1HZTeIuZ91ItXmTRcj9TPz1wjv%2FAQAA%2F%2F8BAAD%2F%2F%2BVLn%2BGbBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 solitudearbitrary.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSS4scVRS%2BFceFZKVkIyrUwoWC07nVXf0yQjDGhGjMW7O%2Br%2Bq5zu26xb1VXZ1BYTQgWbY7wYU1X88DTZAE3IkPerKI9Mp2ISM4%2BBMEwbV0T8Pggapzzv3O4vu%2Bcz7bKg4JRcEOrr1nN7Qx7HSzRsNXbutU2tKHV26FEa3RM%2BFtnbbiM%2BFw%2FnOD1yParNFXw4tKrNvTdRpRGtEovKCdSuzw9AKFzh50o1qX1uJ6LWrGGLr%2F974I4FkAOTgkz0HL2dNrvzyCFhOk%2FYfnlV%2FPbfba2%2F3CsNw6DOTe%2B%2Bl6assU%2FeMycQGSdG85DetnhHxxAjbdWyqAHWzPFYDrGQl%2Bj8DTvSVN8MHOEVNuoFJweRLlYAJlJtBsAmHvQstfCSAkrlxF2t%2B9Yl3J7hyhbI7OyMq%2F%2F0CXM7Ly5ymk%2FW%2FPGT0Mb1pT5NqmHsOkgh5OoHsTZMU%2B8o0AutyHyD%2BFlgRpv4KWBy8L3opbvC1W4w6NVuOYRasdLsSqZO1Gh3Ilu02xsEbrCXQygVEjMB%2BgmH86QJEEKLIAfXkQsmY3obSd8KTR6MRCiEZDiGanJZuyEXcSikLMuY%2BQZyMIM4Jwm8jcJtb1CK74GX6tgpcn4PMZCa5%2FjIGsUCqC0hOUjKDUBGVOUA6qHWl83Ve70viCR8tcX%2BZGNbZ5b4vt2LynUrKVHZJn56YFp6ZjrKuDkPK4TiWnXMaderOTCNVuq1bcaLbihNNWDK8raH9iIXVDz0j4wUVkekaeuW%2FA2T682YfQL4IVL4GV43adgq2N4w7FRvq9cNrnNlFOS8V8jRvb85nNa8L2IW2FLF9BfifYMofk%2BcUu37h%2BE0pMz%2F7x1Y%2BDJ991IVyFzFX4UD8m6Jl74xu2JNs3bOnJo6tZrvt6g833fDNnuVr55l11p7ROXjrvR1%2B%2FKebAvHxwS%2Fn8MkulTnue3D%2BnpVTugnVCkR8u%2BduKXyv82rnCpUV2%2BdpbFy71M6e81zadgOkZIZ98BKFn5GSQLm44HB5CuwlcUaFfTMkyoO0%2BRLYJn03PPnEPw8df7sJbAmeOZ3gWoCyqsavz40ejCYw67hmv4NWxCVxNf%2Fr7CNvy99BzAVh%2Bd3G5A1dhYCowM4IvnhrnmZue%2Fa2xCHATjLlxwTY3znx%2BZK7XB6FqJjRRtK540uVJm1HZTeIuZ91ItXmTRcj9TPz1wjv%2FAQAA%2F%2F8BAAD%2F%2F%2BVLn%2BGbBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSS4scVRS%2BFceFZKVkIyrUwoWC07nVXf0yQjDGhGjMW7O%2Br%2Bq5zu26xb1VXZ1BYTQgWbY7wYU1X88DTZAE3IkPerKI9Mp2ISM4%2BBMEwbV0T8Pggapzzv3O4vu%2Bcz7bKg4JRcEOrr1nN7Qx7HSzRsNXbutU2tKHV26FEa3RM%2BFtnbbiM%2BFw%2FnOD1yParNFXw4tKrNvTdRpRGtEovKCdSuzw9AKFzh50o1qX1uJ6LWrGGLr%2F974I4FkAOTgkz0HL2dNrvzyCFhOk%2FYfnlV%2FPbfba2%2F3CsNw6DOTe%2B%2Bl6assU%2FeMycQGSdG85DetnhHxxAjbdWyqAHWzPFYDrGQl%2Bj8DTvSVN8MHOEVNuoFJweRLlYAJlJtBsAmHvQstfCSAkrlxF2t%2B9Yl3J7hyhbI7OyMq%2F%2F0CXM7Ly5ymk%2FW%2FPGT0Mb1pT5NqmHsOkgh5OoHsTZMU%2B8o0AutyHyD%2BFlgRpv4KWBy8L3opbvC1W4w6NVuOYRasdLsSqZO1Gh3Ilu02xsEbrCXQygVEjMB%2BgmH86QJEEKLIAfXkQsmY3obSd8KTR6MRCiEZDiGanJZuyEXcSikLMuY%2BQZyMIM4Jwm8jcJtb1CK74GX6tgpcn4PMZCa5%2FjIGsUCqC0hOUjKDUBGVOUA6qHWl83Ve70viCR8tcX%2BZGNbZ5b4vt2LynUrKVHZJn56YFp6ZjrKuDkPK4TiWnXMaderOTCNVuq1bcaLbihNNWDK8raH9iIXVDz0j4wUVkekaeuW%2FA2T682YfQL4IVL4GV43adgq2N4w7FRvq9cNrnNlFOS8V8jRvb85nNa8L2IW2FLF9BfifYMofk%2BcUu37h%2BE0pMz%2F7x1Y%2BDJ991IVyFzFX4UD8m6Jl74xu2JNs3bOnJo6tZrvt6g833fDNnuVr55l11p7ROXjrvR1%2B%2FKebAvHxwS%2Fn8MkulTnue3D%2BnpVTugnVCkR8u%2BduKXyv82rnCpUV2%2BdpbFy71M6e81zadgOkZIZ98BKFn5GSQLm44HB5CuwlcUaFfTMkyoO0%2BRLYJn03PPnEPw8df7sJbAmeOZ3gWoCyqsavz40ejCYw67hmv4NWxCVxNf%2Fr7CNvy99BzAVh%2Bd3G5A1dhYCowM4IvnhrnmZue%2Fa2xCHATjLlxwTY3znx%2BZK7XB6FqJjRRtK540uVJm1HZTeIuZ91ItXmTRcj9TPz1wjv%2FAQAA%2F%2F8BAAD%2F%2F%2BVLn%2BGbBAAA HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Cookie: u_pl=18140067; uid_id2=cb646b7c-4801-44a1-8bcc-da7380bed95c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f2f83c87f80d3397e26a0b714fd8e67
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
45.133.44.4200 OK 955 B URL HTTP/2 cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:34 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Sun, 05 Feb 2023 22:10:34 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=95886cc94faea130a699ae23788f16b4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=95886cc94faea130a699ae23788f16b4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=cb646b7c-4801-44a1-8bcc-da7380bed95c&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=95886cc94faea130a699ae23788f16b4&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:10:34 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d88aaba2c5df4206229cfed725130c4
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14089
Expires: Mon, 06 Feb 2023 01:05:23 GMT
Date: Sun, 05 Feb 2023 21:10:34 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
172.64.203.23200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 7d08e108469ec4f191e487612733570d
2266c4c3096af8f69a10bc37510286c32b473ba3
a59c526f279e496457e39c08b2db1db6a7bdaca08af2d514f0a761b93246a46c
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: a6e5c50dd72f0024a50190cbcd1e1157
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 Feb 2023 21:10:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDfHKwKuy1mwYhWhq0TwPRPsU%2BsahOsW4dYO2ly8kKp%2FWLRaJlJIE%2FPMWYCNOWb6sn4W8gJAaIPE4rkc8cZ8zgwxGrBLFvpfW5s3Izcvr1DG0nY04npE4dx9Ar48XGDzsieJn4E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ea22c2b4376fb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
45.133.44.9200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c07f1baac701b672939b359081f813c7
d38ffbae259aae1e8ad3b38959339bb29da9b69f
85bc8e3de3651f6f03dc381ea4bbaff350d8973c37f598582838677817bf1826
GET /si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:34 GMT
content-type: image/png
content-length: 12186
server: nginx/1.17.6
last-modified: Sun, 22 Jan 2023 04:25:10 GMT
etag: "63ccbaa6-2f9a"
expires: Tue, 07 Feb 2023 21:10:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6eac904305f0af9ac8425ba6638af743
6cc700dcc996020985e64492e8d9df7c498d861b
97a04042d25ff5aba9e8e6b99828405fc609275c375530f777a4a5d57e4cede3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "97A04042D25FF5ABA9E8E6B99828405FC609275C375530F777A4A5D57E4CEDE3"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14088
Expires: Mon, 06 Feb 2023 01:05:23 GMT
Date: Sun, 05 Feb 2023 21:10:35 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
172.64.166.9200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
IP 172.64.166.9:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/software/us/ios/desk-new-big/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:35 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
etag: W/"602d0182-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cio01LOzjQpS99Gf6pO3KA4p5rqgvNGIi2L0qZgJbVrZjLfObAz70QLNU%2Frt6I1QMg1h0gcKfF4Xw8i9rruOg%2BZ8kGLkR%2FzzGWTk0%2BaiQttapbU%2BzAtJMuqsYox89DIumsnjSAoFlqTe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ea2340ddd35db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
solitudearbitrary.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujutBclJyERX64EHBnVTP9Mz0GCEYY0I05rfmXL96ttyarqaqe3qyKEQDkuN4EzzY%2B02SRRMkAW%2FiD2ZziMzJ8SAruPgnCIJnmdmBxQfd77363uH7vvc%2B2y73CUXJ9i69Z7e0Mex4u0HDV67rTNrKhxeuhRFt0BPhdZ114hPhaPFzw9cj2m7QV8OzSmza400aURrRKDyjnUrt6PgShc4f9KJGjzbiZiNqxxi5%2F%2Fe%2BDOBZADncJ89By%2FnTG788ghZTZIOHp5XfLGz%2B2tuD0rDCOgzlzvvZZmarDIPDMnUB0mxnNQ3r54R8cQQ221kpgB3eWSgA13MS%2FB6BZzsrmuDDuwdMuYHKwOVRVMMplJlCsymEvQUtfyWAkLhwEdng3gXrKnbjAGULdE7W%2Fv0HupqTtT%2BPIRt8e8roUXjVmrLQNvMYpTX0aArdnyIvd1FsBdDVLkTxKbQkyAY1tNx7WfBO3OFdsR4nNFqPYxatJ1yIdcm6rYRyJXttsbRG6yl0OoVRYzAfoFx8OkCZBijzAAO5F7J2L6W0m%2FK01UpiIUSrJUQ76ci2bMVJSlGKBfcxinwMYcYQ7iZydxObegxX%2Fgy%2FUcPLI%2FDFnASXP8ZQ1qgUQeUJKkZQaYKqIKiG9V1pfNPX96TxJY9WubnKrXpii%2F42u2uLvsrIdr5Pnl2YFhybTbCp9kLK4yaVnHIZJ812kgrV7apO3Gp34pTTTgyva2h%2FZCl1S89J%2BMFZ5HpOnrlvwNkuvNmF0C%2BClS%2BBVZNuk4JtTOKEYiv7XjjtC5sqp6VivsGN7fvcFg1hB5C2Rl6sobgRbJt98vxyl29cvgolZif%2F%2BOrH4ZPvehCuRu5qfKgfE%2FTN7ckVW5E7V2zlyaOLeaEHeost9ny1YIVa%2B%2BZddaOyTp477cdfvykWwKJ8cE354jzLpM76ntw%2FpaVU7ox1QpEfzvnril8q%2Fcap0mVlfv7SW2fODXKnvNc2m4LpOSGffASh5%2BRokC1vOBztQ7spXFljUM7IKqDtLkR%2BEz6fnXziHoaPv7wHbwmcOZzheYCqrCeuyQ8fjSYw6rBnvIZXhyZwNfvp7wNs299G3wVgxa3l5Q5djaGpwcwYvnxqUuRudvK31jLATTDhxgV3uHHm8wNzvd4L21GsEp50hZRcCRl1m62kRWlTyrjbU1EPhZ%2BLv1545z8AAAD%2F%2FwEAAP%2F%2F8UMRB5sEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 solitudearbitrary.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujutBclJyERX64EHBnVTP9Mz0GCEYY0I05rfmXL96ttyarqaqe3qyKEQDkuN4EzzY%2B02SRRMkAW%2FiD2ZziMzJ8SAruPgnCIJnmdmBxQfd77363uH7vvc%2B2y73CUXJ9i69Z7e0Mex4u0HDV67rTNrKhxeuhRFt0BPhdZ114hPhaPFzw9cj2m7QV8OzSmza400aURrRKDyjnUrt6PgShc4f9KJGjzbiZiNqxxi5%2F%2Fe%2BDOBZADncJ89By%2FnTG788ghZTZIOHp5XfLGz%2B2tuD0rDCOgzlzvvZZmarDIPDMnUB0mxnNQ3r54R8cQQ221kpgB3eWSgA13MS%2FB6BZzsrmuDDuwdMuYHKwOVRVMMplJlCsymEvQUtfyWAkLhwEdng3gXrKnbjAGULdE7W%2Fv0HupqTtT%2BPIRt8e8roUXjVmrLQNvMYpTX0aArdnyIvd1FsBdDVLkTxKbQkyAY1tNx7WfBO3OFdsR4nNFqPYxatJ1yIdcm6rYRyJXttsbRG6yl0OoVRYzAfoFx8OkCZBijzAAO5F7J2L6W0m%2FK01UpiIUSrJUQ76ci2bMVJSlGKBfcxinwMYcYQ7iZydxObegxX%2Fgy%2FUcPLI%2FDFnASXP8ZQ1qgUQeUJKkZQaYKqIKiG9V1pfNPX96TxJY9WubnKrXpii%2F42u2uLvsrIdr5Pnl2YFhybTbCp9kLK4yaVnHIZJ812kgrV7apO3Gp34pTTTgyva2h%2FZCl1S89J%2BMFZ5HpOnrlvwNkuvNmF0C%2BClS%2BBVZNuk4JtTOKEYiv7XjjtC5sqp6VivsGN7fvcFg1hB5C2Rl6sobgRbJt98vxyl29cvgolZif%2F%2BOrH4ZPvehCuRu5qfKgfE%2FTN7ckVW5E7V2zlyaOLeaEHeost9ny1YIVa%2B%2BZddaOyTp477cdfvykWwKJ8cE354jzLpM76ntw%2FpaVU7ox1QpEfzvnril8q%2Fcap0mVlfv7SW2fODXKnvNc2m4LpOSGffASh5%2BRokC1vOBztQ7spXFljUM7IKqDtLkR%2BEz6fnXziHoaPv7wHbwmcOZzheYCqrCeuyQ8fjSYw6rBnvIZXhyZwNfvp7wNs299G3wVgxa3l5Q5djaGpwcwYvnxqUuRudvK31jLATTDhxgV3uHHm8wNzvd4L21GsEp50hZRcCRl1m62kRWlTyrjbU1EPhZ%2BLv1545z8AAAD%2F%2FwEAAP%2F%2F8UMRB5sEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujutBclJyERX64EHBnVTP9Mz0GCEYY0I05rfmXL96ttyarqaqe3qyKEQDkuN4EzzY%2B02SRRMkAW%2FiD2ZziMzJ8SAruPgnCIJnmdmBxQfd77363uH7vvc%2B2y73CUXJ9i69Z7e0Mex4u0HDV67rTNrKhxeuhRFt0BPhdZ114hPhaPFzw9cj2m7QV8OzSmza400aURrRKDyjnUrt6PgShc4f9KJGjzbiZiNqxxi5%2F%2Fe%2BDOBZADncJ89By%2FnTG788ghZTZIOHp5XfLGz%2B2tuD0rDCOgzlzvvZZmarDIPDMnUB0mxnNQ3r54R8cQQ221kpgB3eWSgA13MS%2FB6BZzsrmuDDuwdMuYHKwOVRVMMplJlCsymEvQUtfyWAkLhwEdng3gXrKnbjAGULdE7W%2Fv0HupqTtT%2BPIRt8e8roUXjVmrLQNvMYpTX0aArdnyIvd1FsBdDVLkTxKbQkyAY1tNx7WfBO3OFdsR4nNFqPYxatJ1yIdcm6rYRyJXttsbRG6yl0OoVRYzAfoFx8OkCZBijzAAO5F7J2L6W0m%2FK01UpiIUSrJUQ76ci2bMVJSlGKBfcxinwMYcYQ7iZydxObegxX%2Fgy%2FUcPLI%2FDFnASXP8ZQ1qgUQeUJKkZQaYKqIKiG9V1pfNPX96TxJY9WubnKrXpii%2F42u2uLvsrIdr5Pnl2YFhybTbCp9kLK4yaVnHIZJ812kgrV7apO3Gp34pTTTgyva2h%2FZCl1S89J%2BMFZ5HpOnrlvwNkuvNmF0C%2BClS%2BBVZNuk4JtTOKEYiv7XjjtC5sqp6VivsGN7fvcFg1hB5C2Rl6sobgRbJt98vxyl29cvgolZif%2F%2BOrH4ZPvehCuRu5qfKgfE%2FTN7ckVW5E7V2zlyaOLeaEHeost9ny1YIVa%2B%2BZddaOyTp477cdfvykWwKJ8cE354jzLpM76ntw%2FpaVU7ox1QpEfzvnril8q%2Fcap0mVlfv7SW2fODXKnvNc2m4LpOSGffASh5%2BRokC1vOBztQ7spXFljUM7IKqDtLkR%2BEz6fnXziHoaPv7wHbwmcOZzheYCqrCeuyQ8fjSYw6rBnvIZXhyZwNfvp7wNs299G3wVgxa3l5Q5djaGpwcwYvnxqUuRudvK31jLATTDhxgV3uHHm8wNzvd4L21GsEp50hZRcCRl1m62kRWlTyrjbU1EPhZ%2BLv1545z8AAAD%2F%2FwEAAP%2F%2F8UMRB5sEAAA%3D HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Cookie: u_pl=18140067; uid_id2=cb646b7c-4801-44a1-8bcc-da7380bed95c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:10:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a57f8a3528fa29a4517a326ce875884d
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
172.64.166.9200 OK 1.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
IP 172.64.166.9:0
Hash 954946af293f20017b57891b7f1f1d43
0042745327e1848dffb87f07a86c8144b65b19b0
87874b145dd9c611a7be81faaf6fd92b9c6cd639a297c7b097c767317da9f755
GET /sb/notifications/software/us/ios/desk-new-big/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:35 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 12:16:53 GMT
etag: W/"614c7035-145e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mn1PLgr%2BgUisjJuQ5yP8vUReD9VteVL8x%2F2IDVgg1hBQthgfyTvdZRVA9ei59Bfjz6RxN6pRe%2BUf7eRKrZWq%2FxJKiuj5fwwIliSQUMyc3JgyrfWgiPxNBpmuX%2BxgPkq1pA75%2BJNBqzj4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ea2342e0435db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
172.64.166.9200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
IP 172.64.166.9:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:35 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 17 Feb 2021 11:42:38 GMT
etag: "602d012e-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFYE5xiLLxmnHJcSkZDrFJlOcGd8p0WxIsAoyr%2F3%2F2VLmkbLhaYjPW8Y7PburE5Rb1aW7dyf0m5AZLJI3c0Z93Gs0t0WMDBQWd%2BppJDwLZY9ZSc%2FLihQ8i5xPvkPFJYAsOUjiJ%2Fe1Cyt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ea236ba5e35db-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgPASdz_deaJSOJJWpmxAa-d5FThBUPKorVEAb9OGt3nut8Nplph8JD2CEJZPRzBVCWmg5444t8gYk-c0It8un1grSHgCTqvar2SVa0ovOYJvMZ0uDVImmaLDHugQZ2okWszcE_XsT_vQtpkMvw7D1ypjcmUcJymxJvsWm-EKTXDCEkfHv-133wIYyY=s1200
142.250.74.97200 OK 0 B URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgPASdz_deaJSOJJWpmxAa-d5FThBUPKorVEAb9OGt3nut8Nplph8JD2CEJZPRzBVCWmg5444t8gYk-c0It8un1grSHgCTqvar2SVa0ovOYJvMZ0uDVImmaLDHugQZ2okWszcE_XsT_vQtpkMvw7D1ypjcmUcJymxJvsWm-EKTXDCEkfHv-133wIYyY=s1200
IP 142.250.74.97:0
GET /img/a/AVvXsEgPASdz_deaJSOJJWpmxAa-d5FThBUPKorVEAb9OGt3nut8Nplph8JD2CEJZPRzBVCWmg5444t8gYk-c0It8un1grSHgCTqvar2SVa0ovOYJvMZ0uDVImmaLDHugQZ2okWszcE_XsT_vQtpkMvw7D1ypjcmUcJymxJvsWm-EKTXDCEkfHv-133wIYyY=s1200 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4f4"
expires: Mon, 06 Feb 2023 21:10:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Sin t_tulo (1139 _ 293_px) (1200 _ 200_px) (12).png";filename*=UTF-8''Sin%20t%C3%ADtulo%20(1139%20%C3%97%20293%C2%A0px)%20(1200%20%C3%97%20200%C2%A0px)%20(12).png
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:10:30 GMT
server: fife
content-length: 125165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
IP 104.16.122.175:0
GET /ionicons@5.5.2/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:32 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"18f-B+zGUTbQ1uVsG8y1uf+53Qdwne0"
via: 1.1 fly.io
fly-request-id: 01FXH4FHW243J1MMBDP14ETSHV-ams
cf-cache-status: HIT
age: 29010087
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794ea2232cb70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
IP 172.64.166.9:0
GET /sb/notifications/software/us/ios/desk-new-big/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cristoferideas.blogspot.com
Connection: keep-alive
Referer: https://cristoferideas.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:10:35 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:44:05 GMT
etag: W/"602d0185-183"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v93QcUZL1f5KsEmDEFWb9UfBw8%2FaEQZ2uQmRUz9FHuDq8ZYy6Tvw9bFKqMA2vL1wYnN72q227zwdprtO%2FKLsb6PF117oJK1AXUD6%2BR1kve22R6Tyg2gXDO3Dr97m%2BT016GuNrYfxHbOA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794ea2341df935db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2