Report - www.allthatglittersinfirstgrade.blogspot.com/

Report Overview

Submitted URL
www.allthatglittersinfirstgrade.blogspot.com/
IP
142.250.74.161
ASN
#15169 GOOGLE
Submitted
2022-12-09 18:41:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
allthatglittersinfirstgrade.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	45 kB	172.217.21.161
www.bloglovin.com	73749	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.4 kB	194.0.59.31
www.teacherspayteachers.com	13764	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	6.4 kB	104.66.112.207
2.bp.blogspot.com	11071	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	270 kB	142.250.74.161
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.1 kB	142.250.74.109
1.bp.blogspot.com	8403	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	194 kB	142.250.74.161
www.allthatglittersinfirstgrade.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	636 B	172.217.21.161
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	335 B	656 B	216.58.211.2
lh6.googleusercontent.com	458	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	207 kB	142.250.74.97
assets.teacherspayteachers.com	28784	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	57 kB	23.38.200.36
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	943 B	65 kB	216.58.207.227
3.bp.blogspot.com	11048	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	239 kB	142.250.74.161
kevinandamanda.com	339309	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	668 B	1.6 kB	188.114.96.1
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.2 kB	13 kB	142.250.74.131
i1090.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	148 kB	143.204.55.54
i1205.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	820 B	7.8 kB	143.204.55.106
www.goodreads.com	3417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	20 kB	52.94.237.126
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	948 B	81 kB	172.217.21.174
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.164.186.39
www.shelfari.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	314 B	287 B	3.20.32.97
4.bp.blogspot.com	11215	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	167 kB	142.250.74.161
lh5.googleusercontent.com	157	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	502 B	114 kB	142.250.74.97
lh4.googleusercontent.com	454	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	291 kB	142.250.74.97
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.3 kB	157.240.221.35
ecdn.teacherspayteachers.com	12329	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	47 kB	23.38.200.36
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	334 B	25 kB	142.250.74.138
resources.blogblog.com	13274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	937 B	142.250.74.73
www.blogger.com	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	72 kB	142.250.74.73
static.xx.fbcdn.net	661	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	5.7 kB	157.240.221.16
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	www.allthatglittersinfirstgrade.blogspot.com/	Phishing
2022-12-09	medium	allthatglittersinfirstgrade.blogspot.com/	Phishing
2022-12-09	medium	allthatglittersinfirstgrade.blogspot.com/js/cookienotice.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (37)

	URL	Size	First Seen	Last Seen
	www.blogger.com/static/v1/widgets/2092647672-widgets.js	156 kB	2023-03-08	2023-03-09
Pretty URL www.blogger.com/static/v1/widgets/2092647672-widgets.js IP 142.250.74.73 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:15 Last Seen2023-03-09 22:42:19 Times Seen1 Hash 2348c8616f38bcd653268cba8b3d2d34 77b1608b7366ec574a1b485803d9b8f4c546ed4a ecba0b97a30d07171bd7bdb00afeba7f3a9ae4788e8f51bb0409b73e69d14fac Loading...

	allthatglittersinfirstgrade.blogspot.com/	8.1 kB	2023-03-09	2023-03-09
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash b35b95562b3ef63389cc08e6ceceae1e a28d10dfac125cab3f1eeadd7f28ea71ab41eeb5 fab1df554d0416b9fdeb967d2e3c8806a875d26445e088752f807068188509eb Loading...

	assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.cycle.all.js	26 kB	2023-03-09	2024-04-11
Pretty URL assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.cycle.all.js IP 23.38.200.36 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2024-04-11 15:55:09 Times Seen47 Hash 44ed443535dae171e3a9540698056a8c f15e007f80568ffdfcb8377a8691208cda439897 23688d98ab19e9daaee7318f140b84723199250825e047c19f9dc5a92cd84663 Loading...

	apis.google.com/js/platform.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:23 Last Seen2023-03-17 23:35:13 Times Seen1 Hash 82b37d5e95d1e985a554cf000e9bb15c 8973b2e12ea8de1b8a14c8b7ea3be6c1c25eae07 4c6520efed0ab3222ea84da3fb4d6cdc929353fdfa0ac12422253be3ffcf525a Loading...

	allthatglittersinfirstgrade.blogspot.com/	269 B	2023-03-07	2024-04-27
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-27 00:46:08 Times Seen28084 Hash 6e880fa46f41c3a142b32e22ca7c06a0 cb7725608bf21d4a5fab1e9050328ab9b024d285 95df5b72788a5634d46797321652a339cd37eeba06d33166541e76a0deb42b61 Loading...

	allthatglittersinfirstgrade.blogspot.com/	275 B	2023-03-07	2024-04-27
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-27 00:51:41 Times Seen57552 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	allthatglittersinfirstgrade.blogspot.com/	284 B	2023-03-09	2023-03-26
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-26 08:09:43 Times Seen2 Hash ccc113fb0407b3f7b37df647dee63fb3 b84fe19cafec278af92aa2c98cbc37c9dae07023 37646535936323e8fa594a0bd5e6230df0be3e4d1b8acd5dbd9b288614d53a58 Loading...

	www.blogger.com/navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=98797536	471 B	2023-03-07	2023-04-05
Pretty URL www.blogger.com/navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=98797536 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-04-05 02:12:11 Times Seen6549 Hash 817a2f878be59f132a6d67ba3dc44c12 74fa163d8e9121fc4be1b4b05974f7f08ac90267 7f417083e329ac4c097585dbe92c0de4527419243615b5a0c4245704cd09ccfc Loading...

	www.teacherspayteachers.com/widgets/get/3134	2.0 kB	2023-03-09	2023-03-26
Pretty URL www.teacherspayteachers.com/widgets/get/3134 IP 104.66.112.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-26 08:09:43 Times Seen2 Hash 51411254679c9bdbe12eb3523015fef8 7b1d8896abcbcbf3c30912055141ba1f3b35b4c5 99596a5dcab26d8e5ddde07bb4c2420a7261a160fa8ff735485420877241dfb1 Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	274 B	2023-03-09	2023-03-09
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash 57974247bb8f2e5db1c32379ae729332 190597b304393837ebcdf9bbd434f04eb399ca1c 0d25439f3ee343d5742ddff6d65ea67591e197c6223e0fe189ae4f6652626683 Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	10 B	2023-03-07	2024-04-26
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:18 Last Seen2024-04-26 17:44:28 Times Seen14107 Hash 91b3d54bc665b27a303ea5103da4f0b5 1ea644a3b2b1e427686c79e379e4074d576e732a 8c946addeada771d3dc6866cc23be2d1ef3f84b0ae6a98989cbf25b1a9249a61 Loading...

	www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1#id=I0_1670611302844&_gfid=I0_1670611302844&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=27003251	2.0 kB	2023-03-09	2023-03-26
Pretty URL www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1#id=I0_1670611302844&_gfid=I0_1670611302844&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=27003251 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-26 08:09:43 Times Seen2 Hash a442d7627b062e0d699e643e6e5adbba 2e1ad4db27773f5d3926320385a00992ca9e8894 e14f801940935376a448a638e74a7ea46d5af3a1954290c4223a62f755daaf42 Loading...

	assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery-1.11.1.min.js	97 kB	2023-03-09	2024-04-11
Pretty URL assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery-1.11.1.min.js IP 23.38.200.36 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2024-04-11 15:55:11 Times Seen46 Hash beb521d7a1e436bd2b55b522429df502 b2a5e418b470b6ab02ad3a32a101855fcb99ae0b 7475b1b28017b5c3243d13f3cee1af9687d817fcb1dd864805148ce84632324f Loading...

	allthatglittersinfirstgrade.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-27
Pretty URL allthatglittersinfirstgrade.blogspot.com/js/cookienotice.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-27 00:51:48 Times Seen113888 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	allthatglittersinfirstgrade.blogspot.com/	29 B	2023-03-09	2023-03-09
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash 120a8c93c1d75c2b6bbee277907ffbe3 7c01da3726c5961797ad0d14b444e66cb9cb473b d06ac58690e648b090b6ac0fd83bde40474a385954c514089eb93295bd63f0af Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	363 B	2023-03-07	2023-03-26
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:12 Last Seen2023-03-26 07:32:30 Times Seen93 Hash 8a5339e28ff6b8041a50ef52b31a3622 a0c3d922749541d7a29f0d2082d50c57a6255350 9fb499a0ecd1426d813909462135cf909006eb305ec7680ec692d4d0069a83e9 Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	14 kB	2023-03-09	2023-03-09
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash a16144ab972bad81cb968cea1865da33 0ca8ff3fbefd494bab5a52d371b6f1d266bcb017 65fd728c8382ff892ae487e67dc49917d86de945baf0947eb4623bc2a1ecb05d Loading...

	allthatglittersinfirstgrade.blogspot.com/	302 B	2023-03-07	2024-04-27
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-27 00:46:08 Times Seen28770 Hash 5a9442d8fb9a2077b3ebaf7aa6f763fb 1ad7b70635d1b80ddf645acb12b5f17e0ecf0c99 0665437bacd7ab06df7300ed254eac6729ed5e062da4cfb3895416289cfc647a Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	176 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-03-17 23:14:57 Times Seen1 Hash 56e3c588ced8ba4b5f2fc17026a9d57e 85f89594b97d49984b826d511fb82271bfddb85b b1370ea109344f61415c6a6414837fd2089a02bcd1d6bc88fad765fe7640541a Loading...

	pagead2.googlesyndication.com/pagead/js/google_top_exp.js	47 B	2023-03-07	2024-04-27
Pretty URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-27 00:46:08 Times Seen48103 Hash 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Loading...

	allthatglittersinfirstgrade.blogspot.com/	1.6 kB	2023-03-09	2023-03-09
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash 4e5bbc553202b91f6843cbb41305a5fa 2b1cdbed8213c7af68fde0d55ee9d84738e71903 81d53acb792c02087bdf5aa04e46f3075839a922061314d2a6e72dde9ebf499e Loading...

	www.teacherspayteachers.com/widgets/show/3134?widgetref=allthatglittersinfirstgrade.blogspot.com/	614 B	2023-03-09	2023-05-04
Pretty URL www.teacherspayteachers.com/widgets/show/3134?widgetref=allthatglittersinfirstgrade.blogspot.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-05-04 14:23:56 Times Seen15 Hash 2e87a97e4b8bf10eda4ebcd4dcc8cbc8 c5b003d7b34dd71a19b071b9ec460ab583121d7d 02ee785846f94f5131693c692c7ca4caf3034787e9b190ec769d48da01670d84 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js	71 kB	2023-03-07	2024-04-15
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:11 Last Seen2024-04-15 06:08:28 Times Seen1557 Hash 9eb33df93b21325142088527103882d2 bff995d3a845903f281b0b51fea421059459a808 2cec78f739fbddfed852cd7934d2530e7cc4c8f14b38673b03ba5fb880ad4cc7 Loading...

	allthatglittersinfirstgrade.blogspot.com/	745 B	2023-03-09	2023-03-09
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash ecd8a8d22878ac63ecfacadbb8b2b811 317ec291cd16783ced782fb226b9d2d3820394b4 78f8e892cc71bd13e214db0def67660d793ae4ad3ebdd18aaea3cdfbeca91aa7 Loading...

	allthatglittersinfirstgrade.blogspot.com/	215 B	2023-03-09	2023-03-26
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-26 08:09:43 Times Seen2 Hash 0837376b7c773c48139bfd71edde7c5b 935b007c37ab064b1f28e7211204a4f138c3ffb8 80396c0a204fc4306500193da6da852c5ae36b2f169c0e0d3f4f6737e5b41d7e Loading...

	apis.google.com/js/platform:gapi.iframes.style.common.js	55 kB	2023-03-08	2023-03-17
Pretty URL apis.google.com/js/platform:gapi.iframes.style.common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-03-17 23:14:57 Times Seen1 Hash 0f33e12fa3290716d243f3162bb63cb0 32f9b00bfd7449ebd5382871d1c083db9c1b2b95 82c53629d9ff53cc334633ac037d1dc1f843008d6e1347ce784b9f255bacb42f Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs	129 kB	2023-03-08	2023-11-05
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:34 Last Seen2023-11-05 00:33:19 Times Seen5 Hash ebaa2506c5b4b13ecfc737a1e3b7eb3d e75a7603d9e5016c0c774ab99d5c0b9b756e1a03 9e6d60f06b6332ed1831d9d501e602656f3c884480c6d7034542866281ea3086 Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	137 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:12 Last Seen2024-03-07 18:38:30 Times Seen413 Hash 63b4170abc12dfbfa38f47edf480e8b5 1008359d34a8d1e802ec0cee27996156c8baf3ac e75bda2c361ed4d81816c5e6f9b3e380786b9cbe253f62dfecc6f296d851a6ff Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	252 B	2023-03-07	2024-03-07
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-03-07 18:38:30 Times Seen2234 Hash dfc334cd5201ae3c020f43848b1646c4 b951863e53fd874757a2d5a21c8739a4d3640947 6e28b909a82bf42f6a2b51d7bbdc3ecafc47cd43cd52d1a3b584250c2ae579fe Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:23:42 Times Seen37109021 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.browser.js	4.2 kB	2023-03-09	2024-04-11
Pretty URL assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.browser.js IP 23.38.200.36 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2024-04-11 15:55:09 Times Seen34 Hash 5b4e2b6691907d9b92313a4c4704aaa4 dfcc10b05d5ba91ef7803a12a956b8a492b737bc ef31a50cb86b3b344420ebb88d24bd6459b17ac821bdb301e4050339fec922c1 Loading...

	www.blogger.com/navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=98797536	184 B	2023-03-07	2023-04-05
Pretty URL www.blogger.com/navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=98797536 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-04-05 02:12:11 Times Seen6539 Hash 55222ba6bc3c6d1b4e917bf57803f724 41907640a176f6c9e549bfd1e1bacaa29a302475 3cb3e98d555f2381f9ef9439a915bd523225a0fd1cb4303f2c676da5494e1428 Loading...

	allthatglittersinfirstgrade.blogspot.com/	789 B	2023-03-07	2024-02-13
Pretty URL allthatglittersinfirstgrade.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false	539 B	2023-03-09	2023-03-09
Pretty URL www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false IP 157.240.221.35 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-09 00:19:08 Times Seen1 Hash 1228edc3d3a2d883cbc0d8f7643b4019 786393055eb3c697dec77a356194ebde5cab15ff 72637785e6dd88b7fcf9180c404c6fa310d8a214be4c986f61dcd12becca3246 Loading...

	www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1#id=I0_1670611302844&_gfid=I0_1670611302844&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=27003251	437 B	2023-03-09	2023-03-26
Pretty URL www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1#id=I0_1670611302844&_gfid=I0_1670611302844&parent=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com&pfname=&rpctoken=27003251 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2023-03-26 08:09:43 Times Seen2 Hash adccdc3abeeff8287586cfca9a06ff36 13a7e16d7bf16dc44ff460bee8512e71a5e1bc3d 2f46580da0f5dec4d3b4d6f8c53b02083445e8ac25886bf0a12a156e5d73637c Loading...

	www.teacherspayteachers.com/widgets/show/3134?widgetref=allthatglittersinfirstgrade.blogspot.com/	78 B	2023-03-09	2024-04-11
Pretty URL www.teacherspayteachers.com/widgets/show/3134?widgetref=allthatglittersinfirstgrade.blogspot.com/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:19:08 Last Seen2024-04-11 15:55:09 Times Seen28 Hash 51ef9e6503a7bbdedc416c946120eed0 352dcda72c7d3856a7c67b0552e145d9d4ce97af b639203d55843b2981a1121ae1b63606017fa1f476a6b8452c2ad68c2e4490f1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3edc0d2763802bd7634576cf780630fd	24 B	2023-03-07	2024-04-27
Pretty Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-27 00:51:47 Times Seen10746 Hash 3edc0d2763802bd7634576cf780630fd 598d900dcdecd9064535e606bf7a0708d4bf0ec2 a3ba8250ebf2c8e28e99b0cbcb48488777fa3f512e83a7a56930803eb5d35e05 Loading...

HTTP Transactions (132)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6709
Expires: Fri, 09 Dec 2022 20:33:31 GMT
Date: Fri, 09 Dec 2022 18:41:42 GMT
Connection: keep-alive

www.allthatglittersinfirstgrade.blogspot.com/

172.217.21.161

301 Moved Permanently

190 B

URL HTTP/1.1
www.allthatglittersinfirstgrade.blogspot.com/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
190 B (190 bytes)
Hash
6b62728f05ef09b87f336bb495d238aa
d56cc7089da5d65215ea52c374df87cce1f13ade
6bc9538483075d3f24534f41fc229a6535e00237ceb5f9f9b7578100c0b7459c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.allthatglittersinfirstgrade.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: http://allthatglittersinfirstgrade.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:41:42 GMT
Expires: Fri, 09 Dec 2022 18:41:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 190
Server: GSE

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6626
Expires: Fri, 09 Dec 2022 20:32:08 GMT
Date: Fri, 09 Dec 2022 18:41:42 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5192
Expires: Fri, 09 Dec 2022 20:08:14 GMT
Date: Fri, 09 Dec 2022 18:41:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 18:33:14 GMT
content-type: application/json
age: 508
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TvL/6JWiIyFNsjHW7K8+V2z656uaTjnMWlMyVnCSRJVQpe+hxk3aXvBFd5J23okbhwT4dbguKoCsQ6xaUdZmNw==
x-amz-request-id: GDDZ7XVPERK22FFE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 17:48:25 GMT
age: 3197
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 18:41:42 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 18:07:55 GMT
age: 2028
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

allthatglittersinfirstgrade.blogspot.com/

172.217.21.161

200 OK

41 kB

URL HTTP/1.1
allthatglittersinfirstgrade.blogspot.com/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1500)
Size
41 kB (40809 bytes)
Hash
aadd8a736cb3041cdd041f6050a44118
e8f0c7f984074adcfcbae4dc1b35580da774fc6a
137ed3e9e934184f2993b6b4c0e96418fb9c5350bc3f12132598caaee6553e7c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: allthatglittersinfirstgrade.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 09 Dec 2022 18:41:43 GMT
Date: Fri, 09 Dec 2022 18:41:43 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 04 Dec 2022 18:35:12 GMT
ETag: W/"05903bf530b3404d2fb455a181d11d2afe815c6f292ece71816d4aebef9349a9"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 40809
Server: GSE

ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js

142.250.74.138

200 OK

24 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (833)
Size
24 kB (24177 bytes)
Hash
0abe559b44ad75a1142a42afaad9568c
164f6f47f7cfc82155691d4e31d908a0e93a799f
d33e5a1bb8bd201d8daf58a81da88d07d63c484a1cdaff1bd2d46dc90ab73a80

HTTP Headers

GET /ajax/libs/jquery/1.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 24177
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 21:11:29 GMT
Expires: Wed, 06 Dec 2023 21:11:29 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 250214
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a7a8eecec19b58f9286e9ce32471f3ba
f9e32a22a8ac6b1e5b29b91444183990b6e4c83e
69b0a2bff905b13caa305b1fcbb2db96a7f3bc60ccb4fba45b169e9ee86da4c6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4162
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:43 GMT
Last-Modified: Fri, 09 Dec 2022 17:32:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/platform.js

172.217.21.174

200 OK

21 kB

URL HTTP/2
apis.google.com/js/platform.js
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1279)
Size
21 kB (20984 bytes)
Hash
7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 09 Dec 2022 18:41:43 GMT
expires: Fri, 09 Dec 2022 18:41:43 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

allthatglittersinfirstgrade.blogspot.com/js/cookienotice.js

172.217.21.161

200 OK

2.0 kB

URL HTTP/1.1
allthatglittersinfirstgrade.blogspot.com/js/cookienotice.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: allthatglittersinfirstgrade.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 09 Dec 2022 18:41:43 GMT
Expires: Fri, 16 Dec 2022 18:41:43 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 09 Dec 2022 16:50:54 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

142.250.74.73

200 OK

6.6 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
142.250.74.73:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30596)
Size
6.6 kB (6620 bytes)
Hash
6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f

HTTP Headers

GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 276000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/2092647672-widgets.js

142.250.74.73

200 OK

56 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP
142.250.74.73:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
56 kB (56341 bytes)
Hash
689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef

HTTP Headers

GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 145858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

3.bp.blogspot.com/-COcOj2u4OJI/UTq2mhb9jOI/AAAAAAAAAnc/LWTJip_XXnc/s1600/fb.png

142.250.74.161

200 OK

4.3 kB

URL HTTP/1.1
3.bp.blogspot.com/-COcOj2u4OJI/UTq2mhb9jOI/AAAAAAAAAnc/LWTJip_XXnc/s1600/fb.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 65 x 98, 8-bit/color RGB, non-interlaced\012- data
Size
4.3 kB (4327 bytes)
Hash
f7ad9fe41cb1d0254400ee964d7c05d8
619c560a695671345b50ad4309a517dd30492eca
166854e0293f95a4a6917bd67f4e48f2a93ec8ed2dd4c3d7ec80ebe11855a002

HTTP Headers

GET /-COcOj2u4OJI/UTq2mhb9jOI/AAAAAAAAAnc/LWTJip_XXnc/s1600/fb.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v279"
Expires: Sat, 10 Dec 2022 18:41:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="fb.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:43 GMT
Server: fife
Content-Length: 4327
X-XSS-Protection: 0

resources.blogblog.com/img/icon18_edit_allbkg.gif

142.250.74.73

200 OK

162 B

URL HTTP/2
resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
142.250.74.73:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18\012- data
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:02 GMT
expires: Tue, 13 Dec 2022 14:19:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
content-type: image/gif
age: 274961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bloglovin.com/widget/bilder/en/widget.gif?id=5196479

194.0.59.31

301 Moved Permanently

0 B

URL HTTP/1.1
www.bloglovin.com/widget/bilder/en/widget.gif?id=5196479
IP
194.0.59.31:0
ASN
#16150 Availo Networks AB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widget/bilder/en/widget.gif?id=5196479 HTTP/1.1
Host: www.bloglovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 18:41:49 GMT
Server: Varnish
X-Varnish: 417654617
Location: https://www.bloglovin.com/widget/bilder/en/widget.gif?id=5196479
Cache-Control: no-cache, must-revalidate
Expires: Sat, 01 Jan 2001 00:13:37 GMT
Content-Length: 0
Connection: keep-alive

www.bloglovin.com/widget/subscribers.php?id=5196479&lang=en

194.0.59.31

301 Moved Permanently

0 B

URL HTTP/1.1
www.bloglovin.com/widget/subscribers.php?id=5196479&lang=en
IP
194.0.59.31:0
ASN
#16150 Availo Networks AB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /widget/subscribers.php?id=5196479&lang=en HTTP/1.1
Host: www.bloglovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 18:41:49 GMT
Server: Varnish
X-Varnish: 448640046
Location: https://www.bloglovin.com/widget/subscribers.php?id=5196479&lang=en
Cache-Control: no-cache, must-revalidate
Expires: Sat, 01 Jan 2001 00:13:37 GMT
Content-Length: 0
Connection: keep-alive

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs

172.217.21.174

200 OK

58 kB

URL HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (580)
Size
58 kB (57794 bytes)
Hash
813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 19:47:43 GMT
expires: Wed, 06 Dec 2023 19:47:43 GMT
cache-control: public, max-age=31536000
age: 255240
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/google_top_exp.js

216.58.211.2

200 OK

67 B

URL HTTP/1.1
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
67 B (67 bytes)
Hash
9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 07:02:46 GMT
Expires: Fri, 23 Dec 2022 07:02:46 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 41937

www.shelfari.com/ws/211669/widget.js

3.20.32.97

301 Moved Permanently

81 B

URL HTTP/1.1
www.shelfari.com/ws/211669/widget.js
IP
3.20.32.97:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
81 B (81 bytes)
Hash
2708fbdfc66312157decb30cb0d2df99
457239977877ba0d7a7936c68fdb26b4b288753e
fd6bbbe9e5ecf5a966f554c014aa2bd7eb07c14691dc41e1d47d42f533180382

HTTP Headers

GET /ws/211669/widget.js HTTP/1.1
Host: www.shelfari.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://www.goodreads.com/?shelfari_flash=true
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Length: 81
Connection: close

www.blogger.com/dyn-css/authorization.css?targetBlogID=1794519403126134013&zx=9dc17753-6f80-4062-93a9-0bf6df8a518d

142.250.74.73

200 OK

21 B

URL HTTP/2
www.blogger.com/dyn-css/authorization.css?targetBlogID=1794519403126134013&zx=9dc17753-6f80-4062-93a9-0bf6df8a518d
IP
142.250.74.73:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=1794519403126134013&zx=9dc17753-6f80-4062-93a9-0bf6df8a518d HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 18:41:43 GMT
last-modified: Fri, 09 Dec 2022 18:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.164.186.39

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.186.39:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DZaQC4li2sVN6DjygnPXyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WnaZ870VNFih4cr3N/IDBN4900k=

i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/signature-1053.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/signature-1053.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/blogs/signature-1053.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/signature-1053.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4ixxvkvgBKULduaq9ql76UWZypK_tEe-MMTODjb0sJfUpJATfjWIRw==
Vary: Origin

i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/header-1557.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/header-1557.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/blogs/header-1557.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/header-1557.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L7StdvqKJdMuA7PWiC5a9B1ssqtDwNsa7jnrGyrMSBp1FbJKy2cigA==
Vary: Origin

i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/button-778.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/button-778.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/blogs/button-778.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/button-778.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zaJSVOoWK8WNx2XAzSZinhp7pbvGEWSotx0jL6iiNnTQ6_1J4YmZxw==
Vary: Origin

i1090.photobucket.com/albums/i366/dreamlikemagic/footer-31.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/footer-31.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/footer-31.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/footer-31.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uIEIXb-IWj9ea5ocQaZugB-cYDoTspg4hpAgTrft23Z-enTiQlChqg==
Vary: Origin

i1205.photobucket.com/albums/bb428/kpmdoodles/blogbuttonkpm.jpg

143.204.55.106

301 Moved Permanently

167 B

URL HTTP/1.1
i1205.photobucket.com/albums/bb428/kpmdoodles/blogbuttonkpm.jpg
IP
143.204.55.106:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/bb428/kpmdoodles/blogbuttonkpm.jpg HTTP/1.1
Host: i1205.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1205.photobucket.com/albums/bb428/kpmdoodles/blogbuttonkpm.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5F3VKZKrN1xrwTyy9AdYYIaLNGL0OR7pzGmJv1oRSIZV6w7t-kNBvA==
Vary: Origin

kevinandamanda.com/buttons/fsf.jpg

188.114.96.1

503 Service Temporarily Unavailable

188 B

URL HTTP/1.1
kevinandamanda.com/buttons/fsf.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
188 B (188 bytes)
Hash
7a0eb434d044f6d418d41520a7e677fe
1d0aa66b6a2cabf7c013e90a38b681bce53857bc
4a236cb6a986c5d307e0eabc396e232bbd8bb73819dd15104e4b109a28c7c558

HTTP Headers

GET /buttons/fsf.jpg HTTP/1.1
Host: kevinandamanda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 503 Service Temporarily Unavailable
Date: Fri, 09 Dec 2022 18:41:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svHeCbw5OepCPsVUgQ1MTNEDHMalu21dZu8HUAVUP93zNH8rluN18RaTxWsJl3GsOcwuI3eSlAjAcZpECng%2F8VRbtkxlAeNfZuAMSrwyjigAHSUuD2V4CX%2Fik0mkwi0GcqM3zWw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776fe0699b291bfa-OSL
alt-svc: h2=":443"; ma=60

www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://allthatglittersinfirstgrade.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__

142.250.74.73

302 Found

541 B

URL HTTP/2
www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://allthatglittersinfirstgrade.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
142.250.74.73:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1052)
Size
541 B (541 bytes)
Hash
0e6833d7ae4bc1a01241af200f606274
da3966295c546815b61a8f1166e61c3943b74ec7
ed195cee9c895de129392a3da9be9dcbd3531c5581caa8fe768a337bd93db329

HTTP Headers

GET /followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http://allthatglittersinfirstgrade.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 09 Dec 2022 18:41:43 GMT
expires: Fri, 09 Dec 2022 18:41:43 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 541
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

3.bp.blogspot.com/-sd6hS55OMW8/Ug_j-2K_O2I/AAAAAAAAA2o/ItIAXnLDRHY/s320/Slide1.png

142.250.74.161

200 OK

54 kB

URL HTTP/1.1
3.bp.blogspot.com/-sd6hS55OMW8/Ug_j-2K_O2I/AAAAAAAAA2o/ItIAXnLDRHY/s320/Slide1.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
54 kB (53816 bytes)
Hash
437cd7dc48061d12497628e2522451ce
a1fb6e368088c71d8298572ca20c6669c568de12
0c139b99713ae92f0e105838527f572415e4c89007942acd445d28220e42a984

HTTP Headers

GET /-sd6hS55OMW8/Ug_j-2K_O2I/AAAAAAAAA2o/ItIAXnLDRHY/s320/Slide1.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v36a"
Expires: Sat, 10 Dec 2022 18:41:43 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:43 GMT
Server: fife
Content-Length: 53816
X-XSS-Protection: 0

4.bp.blogspot.com/-rOODrLmsfSo/T2_GjBmebBI/AAAAAAAAAKo/LQHv4LJScZE/s80/button.png

142.250.74.161

200 OK

13 kB

URL HTTP/1.1
4.bp.blogspot.com/-rOODrLmsfSo/T2_GjBmebBI/AAAAAAAAAKo/LQHv4LJScZE/s80/button.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 80 x 80, 8-bit/color RGB, non-interlaced\012- data
Size
13 kB (13109 bytes)
Hash
e9158cb8f343dfcb2d8a308b5f26c91b
8a48024180031ddaefe345f4249af4d9f243ca98
95795800727c845b60ec89c29c6f0d0ff12f9e79658bde6bb03a169bff0a32c3

HTTP Headers

GET /-rOODrLmsfSo/T2_GjBmebBI/AAAAAAAAAKo/LQHv4LJScZE/s80/button.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vaa"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="button.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 13109
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

3.bp.blogspot.com/-bJcfpNIajO8/UTq2mvIaG_I/AAAAAAAAAnY/uBSWKdoGl80/s1600/em.png

142.250.74.161

200 OK

4.9 kB

URL HTTP/1.1
3.bp.blogspot.com/-bJcfpNIajO8/UTq2mvIaG_I/AAAAAAAAAnY/uBSWKdoGl80/s1600/em.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 65 x 98, 8-bit/color RGB, non-interlaced\012- data
Size
4.9 kB (4851 bytes)
Hash
dfe52edc8827f3b809d4b8e79cb6c410
151ebbbafba43cac8c5671006d4ddb56b88fad01
7f4270981889306eeea64d9ebdb966cc870ada8733f112b0fdcc9ccaecea8084

HTTP Headers

GET /-bJcfpNIajO8/UTq2mvIaG_I/AAAAAAAAAnY/uBSWKdoGl80/s1600/em.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v278"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="em.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 4851
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

4.bp.blogspot.com/-jLsjuhBL_s8/UfGbNF-Z_RI/AAAAAAAAA0o/hm3IicNnP8w/s320/photo.JPG

142.250.74.161

200 OK

33 kB

URL HTTP/1.1
4.bp.blogspot.com/-jLsjuhBL_s8/UfGbNF-Z_RI/AAAAAAAAA0o/hm3IicNnP8w/s320/photo.JPG
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size
33 kB (33079 bytes)
Hash
869e75ead6d9f556b3e1362e4474f119
be51fc4b8693cc6c7d681c054111bb840431ada3
e51bd987e2ed64f10c13e0a1a7f51705688785be728bc146e242167a0bad20e8

HTTP Headers

GET /-jLsjuhBL_s8/UfGbNF-Z_RI/AAAAAAAAA0o/hm3IicNnP8w/s320/photo.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v34b"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="photo.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 33079
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.teacherspayteachers.com/widgets/get/3134

104.66.112.207

301 Moved Permanently

134 B

URL HTTP/1.1
www.teacherspayteachers.com/widgets/get/3134
IP
104.66.112.207:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /widgets/get/3134 HTTP/1.1
Host: www.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Content-Type: text/html
Content-Length: 134
Location: https://www.teacherspayteachers.com:443/widgets/get/3134
Date: Fri, 09 Dec 2022 18:41:44 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
269485027c7ab119ac9289f7b212b68b
d00a569112111c45ffb2c2dce77a75454766950a
6179c61745c41c0cb4eb57697ec68623355b0cabd6a77f0fbfca5e21687c8d94

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6179C61745C41C0CB4EB57697EC68623355B0CABD6A77F0FBFCA5E21687C8D94"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3202
Expires: Fri, 09 Dec 2022 19:35:06 GMT
Date: Fri, 09 Dec 2022 18:41:44 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

3.bp.blogspot.com/-6G83Kz4U7tk/Ugw0zDvf5lI/AAAAAAAAA2M/lKjXuFUcSpc/s400/Slide1.png

142.250.74.161

200 OK

79 kB

URL HTTP/1.1
3.bp.blogspot.com/-6G83Kz4U7tk/Ugw0zDvf5lI/AAAAAAAAA2M/lKjXuFUcSpc/s400/Slide1.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 400 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
79 kB (79132 bytes)
Hash
7c9bcc202ac3799f6816e76f1b9b89a5
f90ba689cb164c18086b1e6bad02c2264f6a92b3
54884f0190658d48e4af7d4f8c67da128a1b573e5a22641262c0b623d592fdd2

HTTP Headers

GET /-6G83Kz4U7tk/Ugw0zDvf5lI/AAAAAAAAA2M/lKjXuFUcSpc/s400/Slide1.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v364"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 79132
X-XSS-Protection: 0

lh6.googleusercontent.com/-ZrtsQb23wi4/Ues6QzmPRwI/AAAAAAAAAz4/_CyUYbuaqXY/s640/blogger-image-1413238117.jpg

142.250.74.97

200 OK

130 kB

URL HTTP/2
lh6.googleusercontent.com/-ZrtsQb23wi4/Ues6QzmPRwI/AAAAAAAAAz4/_CyUYbuaqXY/s640/blogger-image-1413238117.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 640x480, components 3\012- data
Size
130 kB (129778 bytes)
Hash
6a55b631c271a7ecd9e0fa1a181a091f
225eedef3a151a1d7701e5a7335870d15c12b511
099ac650c2ec7cac4e818316e39243aa5985609df4323b1e1a68eddea1ed3e71

HTTP Headers

GET /-ZrtsQb23wi4/Ues6QzmPRwI/AAAAAAAAAz4/_CyUYbuaqXY/s640/blogger-image-1413238117.jpg HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v33f"
expires: Sat, 10 Dec 2022 18:41:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="blogger-image-1413238117.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:44 GMT
server: fife
content-length: 129778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

3.bp.blogspot.com/-RfkZS_AG4-4/Ugw089ZUKkI/AAAAAAAAA2U/oOwi6U6voiE/s320/Slide2.png

142.250.74.161

200 OK

40 kB

URL HTTP/1.1
3.bp.blogspot.com/-RfkZS_AG4-4/Ugw089ZUKkI/AAAAAAAAA2U/oOwi6U6voiE/s320/Slide2.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
40 kB (40267 bytes)
Hash
716b69dc40222c5eb9c6bc662c41d5b1
b946053bf3ac4bd0bfc2c5c9fa661b3ec4258c23
4f09bc3e4024a7ebb5f8af17afa246e37e584e7a85309b9ae7c23708577ec303

HTTP Headers

GET /-RfkZS_AG4-4/Ugw089ZUKkI/AAAAAAAAA2U/oOwi6U6voiE/s320/Slide2.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v366"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide2.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 40267
X-XSS-Protection: 0

lh5.googleusercontent.com/-p8QndPcyyhI/Ues6SIztdII/AAAAAAAAA0A/lAFKV7S5KTY/s640/blogger-image--363939201.jpg

142.250.74.97

200 OK

113 kB

URL HTTP/2
lh5.googleusercontent.com/-p8QndPcyyhI/Ues6SIztdII/AAAAAAAAA0A/lAFKV7S5KTY/s640/blogger-image--363939201.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 640x480, components 3\012- data
Size
113 kB (113151 bytes)
Hash
33864ccc6c6c79b4a389a5d6886200dc
42bf16fb84e1df6d787607f21955d2ad5471815c
1cfda3db87dba59992dd81d8bac574a38ea4406dc7e528911715a56208d6d602

HTTP Headers

GET /-p8QndPcyyhI/Ues6SIztdII/AAAAAAAAA0A/lAFKV7S5KTY/s640/blogger-image--363939201.jpg HTTP/1.1
Host: lh5.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v341"
expires: Sat, 10 Dec 2022 18:41:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="blogger-image--363939201.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:44 GMT
server: fife
content-length: 113151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

3.bp.blogspot.com/-bzvy_UaiuNE/Ugwzcaf-4rI/AAAAAAAAA14/pbX_rXU-ArY/s320/Slide1.png

142.250.74.161

200 OK

54 kB

URL HTTP/1.1
3.bp.blogspot.com/-bzvy_UaiuNE/Ugwzcaf-4rI/AAAAAAAAA14/pbX_rXU-ArY/s320/Slide1.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
54 kB (53816 bytes)
Hash
437cd7dc48061d12497628e2522451ce
a1fb6e368088c71d8298572ca20c6669c568de12
0c139b99713ae92f0e105838527f572415e4c89007942acd445d28220e42a984

HTTP Headers

GET /-bzvy_UaiuNE/Ugwzcaf-4rI/AAAAAAAAA14/pbX_rXU-ArY/s320/Slide1.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v35e"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 53816
X-XSS-Protection: 0

4.bp.blogspot.com/-ztK0yKZK44o/UfGZzwU-KsI/AAAAAAAAA0U/NUbJejVHCJk/s320/photo.JPG

142.250.74.161

200 OK

45 kB

URL HTTP/1.1
4.bp.blogspot.com/-ztK0yKZK44o/UfGZzwU-KsI/AAAAAAAAA0U/NUbJejVHCJk/s320/photo.JPG
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size
45 kB (44879 bytes)
Hash
39a1eafb4c3e9f2c6e92e518b2cad27a
3d7ec136fe55d90e47adaa1a3db9356ad042248e
f7bbf401ef358e947d2588b9f34a6bba0aee60a89c343f3a99d434cb5bd63586

HTTP Headers

GET /-ztK0yKZK44o/UfGZzwU-KsI/AAAAAAAAA0U/NUbJejVHCJk/s320/photo.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v346"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="photo.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 44879
X-XSS-Protection: 0

lh4.googleusercontent.com/-eJmU-FEAACg/UeSL69lMyNI/AAAAAAAAAzg/Z-ANIi5Q3hI/s640/blogger-image-1153311624.jpg

142.250.74.97

200 OK

101 kB

URL HTTP/2
lh4.googleusercontent.com/-eJmU-FEAACg/UeSL69lMyNI/AAAAAAAAAzg/Z-ANIi5Q3hI/s640/blogger-image-1153311624.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 360x480, components 3\012- data
Size
101 kB (100613 bytes)
Hash
2d9214ce07d848ddf20008fcda0fe600
b8199f0d9b4163c5ef412c7c672a8452e18138dd
2b73389c727570e1b5438e34b0bb0150976ea5a49ba2bd4afe45ef0dd96874cf

HTTP Headers

GET /-eJmU-FEAACg/UeSL69lMyNI/AAAAAAAAAzg/Z-ANIi5Q3hI/s640/blogger-image-1153311624.jpg HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v339"
expires: Sat, 10 Dec 2022 18:41:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="blogger-image-1153311624.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:44 GMT
server: fife
content-length: 100613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh6.googleusercontent.com/-cQwjq-Xiq58/UfVmU1_hTfI/AAAAAAAAA1Q/JAdzNs8puYo/s640/blogger-image--2079759177.jpg

142.250.74.97

200 OK

76 kB

URL HTTP/2
lh6.googleusercontent.com/-cQwjq-Xiq58/UfVmU1_hTfI/AAAAAAAAA1Q/JAdzNs8puYo/s640/blogger-image--2079759177.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 640x360, components 3\012- data
Size
76 kB (76104 bytes)
Hash
45e7cd2171e3b4f34acf994454e7ca21
24b63572c5500473aa853d432de6f2e798164610
494e1b0045e11ef541590241f5ae4f4006b3604b3235e4536fb0c08e1febd05b

HTTP Headers

GET /-cQwjq-Xiq58/UfVmU1_hTfI/AAAAAAAAA1Q/JAdzNs8puYo/s640/blogger-image--2079759177.jpg HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v355"
expires: Sat, 10 Dec 2022 18:41:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="blogger-image--2079759177.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:44 GMT
server: fife
content-length: 76104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh4.googleusercontent.com/-fhStZ6yHjb8/UeSL8qVx7TI/AAAAAAAAAzo/ul6nOVJvf6o/s640/blogger-image--672281630.jpg

142.250.74.97

200 OK

189 kB

URL HTTP/2
lh4.googleusercontent.com/-fhStZ6yHjb8/UeSL8qVx7TI/AAAAAAAAAzo/ul6nOVJvf6o/s640/blogger-image--672281630.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 640x480, components 3\012- data
Size
189 kB (189002 bytes)
Hash
a699a9195d713cffce4b8aaacc52e83e
eb38c52abac00c36289e0da89a99adcdc99034a0
5f01e5d31845db19b88f2a4d5e633a3cb5c7f03e10055eb919530f72f5d35198

HTTP Headers

GET /-fhStZ6yHjb8/UeSL8qVx7TI/AAAAAAAAAzo/ul6nOVJvf6o/s640/blogger-image--672281630.jpg HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v33b"
expires: Sat, 10 Dec 2022 18:41:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="blogger-image--672281630.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:44 GMT
server: fife
content-length: 189002
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i1090.photobucket.com/albums/i366/dreamlikemagic/bg-1516.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/bg-1516.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/bg-1516.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:44 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/bg-1516.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 63Fqh1GhSuG5k64MJljPHdX2lWhheNYcTkYbEE7zVmJtGzOuAZrYxw==
Vary: Origin

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc4bd6c87697c60c67a4d2cbfe23317f
fc376195c21fa51e8d8320d0e55ede8964bc4a0e
d0d2c4350442443f910f62f0954fa10c85064eefbdaada1392d794db11e12e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false

157.240.221.35

301 Moved Permanently

0 B

URL HTTP/1.1
www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false
IP
157.240.221.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 09 Dec 2022 18:41:44 GMT
Connection: keep-alive
Content-Length: 0

4.bp.blogspot.com/-bSHLddmO8Ac/Ugwydb-vuHI/AAAAAAAAA1k/eMYuguFqRvA/s320/Slide1.png

142.250.74.161

200 OK

31 kB

URL HTTP/1.1
4.bp.blogspot.com/-bSHLddmO8Ac/Ugwydb-vuHI/AAAAAAAAA1k/eMYuguFqRvA/s320/Slide1.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
31 kB (31110 bytes)
Hash
1e8ab93f4be4f24856c4b5fa01524a57
50f72f6e5884aa281c35fac479c5200a2e14552d
8d3848909ea181380412cd823fcdb535fd47e062de7c375a8a942d06517e9824

HTTP Headers

GET /-bSHLddmO8Ac/Ugwydb-vuHI/AAAAAAAAA1k/eMYuguFqRvA/s320/Slide1.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v35a"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 31110
X-XSS-Protection: 0

2.bp.blogspot.com/-q25I8t6cDeM/UhAEtLD7OeI/AAAAAAAAA3E/C-hRpEc2IrM/s320/Slide1.png

142.250.74.161

200 OK

23 kB

URL HTTP/1.1
2.bp.blogspot.com/-q25I8t6cDeM/UhAEtLD7OeI/AAAAAAAAA3E/C-hRpEc2IrM/s320/Slide1.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
23 kB (22667 bytes)
Hash
a275cda968c569d72749e66900c4953f
4be08a9f932f87812f05ca76cc252f27ab3d2f08
14c82d8ed516ef29b41e9aea9bfcbcc1d1d95dad17e0b6c80a017ce12129f7ca

HTTP Headers

GET /-q25I8t6cDeM/UhAEtLD7OeI/AAAAAAAAA3E/C-hRpEc2IrM/s320/Slide1.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v372"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 22667
X-XSS-Protection: 0

2.bp.blogspot.com/-xXvvoIZCY-E/UfGdvqE0dsI/AAAAAAAAA1A/RemlkQhowts/s320/photo.jpg

142.250.74.161

200 OK

34 kB

URL HTTP/1.1
2.bp.blogspot.com/-xXvvoIZCY-E/UfGdvqE0dsI/AAAAAAAAA1A/RemlkQhowts/s320/photo.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size
34 kB (34486 bytes)
Hash
e3a74729ff4d64da10e6ee91cb2ea294
6f3648c919712da8ca016c45859284c45b3e7ab5
aaf385b5727a295c5a99fdd0282b92238e16e076198d536911b6117054cb23c2

HTTP Headers

GET /-xXvvoIZCY-E/UfGdvqE0dsI/AAAAAAAAA1A/RemlkQhowts/s320/photo.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v351"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="photo.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 34486
X-XSS-Protection: 0

i1090.photobucket.com/albums/i366/dreamlikemagic/side-120.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/side-120.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/side-120.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:44 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/side-120.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9JrJhT-Fl_NHxbX_0khTukSQBUuaX28vhJ_QmlKxi4Hsl7TM2hAeNQ==
Vary: Origin

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2.bp.blogspot.com/-sd6hS55OMW8/Ug_j-2K_O2I/AAAAAAAAA2k/kjKb3pAcJsE/s320/Slide1.png

142.250.74.161

200 OK

54 kB

URL HTTP/1.1
2.bp.blogspot.com/-sd6hS55OMW8/Ug_j-2K_O2I/AAAAAAAAA2k/kjKb3pAcJsE/s320/Slide1.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
54 kB (53816 bytes)
Hash
437cd7dc48061d12497628e2522451ce
a1fb6e368088c71d8298572ca20c6669c568de12
0c139b99713ae92f0e105838527f572415e4c89007942acd445d28220e42a984

HTTP Headers

GET /-sd6hS55OMW8/Ug_j-2K_O2I/AAAAAAAAA2k/kjKb3pAcJsE/s320/Slide1.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v36a"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide1.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 53816
X-XSS-Protection: 0

4.bp.blogspot.com/-9s8fiby51nY/Ug_n7KFbgEI/AAAAAAAAA20/2mjOSrMfp-Q/s320/TpTBackToSchoolSaleBlogIconGraphicClipartFREE.jpg

142.250.74.161

200 OK

43 kB

URL HTTP/1.1
4.bp.blogspot.com/-9s8fiby51nY/Ug_n7KFbgEI/AAAAAAAAA20/2mjOSrMfp-Q/s320/TpTBackToSchoolSaleBlogIconGraphicClipartFREE.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x201, components 3\012- data
Size
43 kB (42777 bytes)
Hash
438c14a37bbef2377d8b4f2c85f687bf
b8e590df678d7892a1fa33e7cd820c5f2a6d25cc
10e55711bf1ece573e0a4e3522b6072a15b6fd11d93fdd339e076a207a348e0d

HTTP Headers

GET /-9s8fiby51nY/Ug_n7KFbgEI/AAAAAAAAA20/2mjOSrMfp-Q/s320/TpTBackToSchoolSaleBlogIconGraphicClipartFREE.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v36e"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="TpTBackToSchoolSaleBlogIconGraphicClipartFREE.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 42777
X-XSS-Protection: 0

2.bp.blogspot.com/-4XMkcNI667U/Ugwz4dhd-8I/AAAAAAAAA18/PH-mONCWEFc/s320/Slide2.png

142.250.74.161

200 OK

34 kB

URL HTTP/1.1
2.bp.blogspot.com/-4XMkcNI667U/Ugwz4dhd-8I/AAAAAAAAA18/PH-mONCWEFc/s320/Slide2.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
34 kB (33523 bytes)
Hash
285f4ee4411cc0b876fbb6bc34488852
04f2eb1cc91e012e5f6a23deecd2e0ca49923310
7a208d5e8e8b8ffefe1088abccba6c06dd4b7d0da32b15030557b1b694b93e81

HTTP Headers

GET /-4XMkcNI667U/Ugwz4dhd-8I/AAAAAAAAA18/PH-mONCWEFc/s320/Slide2.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v360"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide2.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 33523
X-XSS-Protection: 0

fonts.gstatic.com/s/ptsanscaption/v18/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2

216.58.207.227

200 OK

39 kB

URL HTTP/1.1
fonts.gstatic.com/s/ptsanscaption/v18/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 39284, version 1.0\012- data
Size
39 kB (39284 bytes)
Hash
a6b8dad3db6599887f5f23d6e0a1b017
bf0cf614c802b83b732c71e606e59eadfbc490bd
530c312c48abf9ef8ca6e0140c934634da2c92afc81e220cc5d92475620a3771

HTTP Headers

GET /s/ptsanscaption/v18/0FlMVP6Hrxmt7-fsUFhlFXNIlpcaeg_x.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://allthatglittersinfirstgrade.blogspot.com
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 39284
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 13:36:02 GMT
Expires: Sat, 09 Dec 2023 13:36:02 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:16:39 GMT
Content-Type: font/woff2
Age: 18342

accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true

142.250.74.109

302 Found

486 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (519)
Size
486 B (486 bytes)
Hash
6ba6e87c66dcda590e2eef90fd1114f7
0dc40a66251b2d3e7eaf528324bedfe33b57a049
64538a5189efd6006cbe0e82dc9f282f92c5ac76993418b674ff38e31ac37e13

HTTP Headers

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D1794519403126134013%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://allthatglittersinfirstgrade.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 18:41:44 GMT
location: https://www.blogger.com/followers.g?blogID=1794519403126134013&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByM3ZjJlOGEqByNmM2YyZWUyByNmOTQ5OTg6ByMwMDAwMDBCByM3ZjJlOGFKByNlOTY0OWJSByM3ZjJlOGFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fallthatglittersinfirstgrade.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-8zcNBaM0bbdZRsxSdsFejQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 486
server: GSE
set-cookie: __Host-GAPS=1:jra52Kjw8zraUDRtqc7nSCz-vqGEXA:h5CVr_N-G4PmbiP3;Path=/;Expires=Sun, 08-Dec-2024 18:41:44 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/cherrycreamsoda/v21/UMBIrOxBrW6w2FFyi9paG0fdVdRciQd9A98.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/1.1
fonts.gstatic.com/s/cherrycreamsoda/v21/UMBIrOxBrW6w2FFyi9paG0fdVdRciQd9A98.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24236, version 1.0\012- data
Size
24 kB (24236 bytes)
Hash
0caf6947dd9d590934bb7a28548893b9
e7d4be7452b4c60635726fa7578e5b6aecdf185d
5c2d691a9e7ca08b1fccf8dae98e55b58eca6673080c7cb8a2a5972ef71a97d4

HTTP Headers

GET /s/cherrycreamsoda/v21/UMBIrOxBrW6w2FFyi9paG0fdVdRciQd9A98.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://allthatglittersinfirstgrade.blogspot.com
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 24236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 18:39:08 GMT
Expires: Wed, 06 Dec 2023 18:39:08 GMT
Cache-Control: public, max-age=31536000
Age: 259356
Last-Modified: Tue, 19 Apr 2022 18:58:30 GMT
Content-Type: font/woff2

www.bloglovin.com/widget/bilder/en/widget.gif?id=5196479

194.0.59.31

200 OK

1.6 kB

URL HTTP/1.1
www.bloglovin.com/widget/bilder/en/widget.gif?id=5196479
IP
194.0.59.31:0
ASN
#16150 Availo Networks AB

File type
GIF image data, version 89a, 173 x 29\012- data
Size
1.6 kB (1588 bytes)
Hash
aa527201ccdd3a09a11178cfe13ab034
2b6c0087150d7026a36defd8202c43cc3a26a3ed
45daca1b266668874deee662165df621e3cf8027893e5cac63deb50f1fa18085

HTTP Headers

GET /widget/bilder/en/widget.gif?id=5196479 HTTP/1.1
Host: www.bloglovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 18:41:50 GMT
Content-Type: image/gif
Content-Length: 1588
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 19 Feb 2016 13:10:34 GMT
ETag: "56c7144a-634"
Cache-Control: public, max-age=1800
X-Varnish: 445214682
Age: 0
Via: 1.1 varnish (Varnish/5.2)
bl-cache-status: MISS
bl-CDN-Provider: None
Accept-Ranges: bytes

2.bp.blogspot.com/-a7q-W4N6g2g/UfGb2zLliGI/AAAAAAAAA0w/lSJaQqpgpU8/s320/photo.JPG

142.250.74.161

200 OK

29 kB

URL HTTP/1.1
2.bp.blogspot.com/-a7q-W4N6g2g/UfGb2zLliGI/AAAAAAAAA0w/lSJaQqpgpU8/s320/photo.JPG
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size
29 kB (29070 bytes)
Hash
f0049de05f83bac6f97756e5dc0408c9
59b740bcb524a6fb1388abb10417d75b55dc0ff3
93da674732581cd40eb837a85724bfac455232da2c0384c05c14e894102ba3ee

HTTP Headers

GET /-a7q-W4N6g2g/UfGb2zLliGI/AAAAAAAAA0w/lSJaQqpgpU8/s320/photo.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v34d"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="photo.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 29070
X-XSS-Protection: 0

2.bp.blogspot.com/-EgniHkdA8yk/UfGas9o4HvI/AAAAAAAAA0g/wLiG_Q0r-nw/s320/photo.jpg

142.250.74.161

200 OK

34 kB

URL HTTP/1.1
2.bp.blogspot.com/-EgniHkdA8yk/UfGas9o4HvI/AAAAAAAAA0g/wLiG_Q0r-nw/s320/photo.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Size
34 kB (34153 bytes)
Hash
81fc9e92f9a07e195b5d53b6b5c187c0
ac29952a8f7a87953398ac667122e11a63a9585b
902ef32e051b7fcde69b7e68a72b4e7579f07e703aa69b68668dffb4250389eb

HTTP Headers

GET /-EgniHkdA8yk/UfGas9o4HvI/AAAAAAAAA0g/wLiG_Q0r-nw/s320/photo.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v349"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="photo.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 34153
X-XSS-Protection: 0

2.bp.blogspot.com/-FxUY4RA4GzQ/UhAFG30425I/AAAAAAAAA3U/92NABmpoung/s320/Slide3.png

142.250.74.161

200 OK

47 kB

URL HTTP/1.1
2.bp.blogspot.com/-FxUY4RA4GzQ/UhAFG30425I/AAAAAAAAA3U/92NABmpoung/s320/Slide3.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
47 kB (46987 bytes)
Hash
7681e8aac2c7449d02a157924e665bab
b627f048b38b4c5725351c469a0c89d64445b5a4
1dac10f70761e7f24ea98c21d9b601ae685b1a0a57adbf623176cd6d28b9314b

HTTP Headers

GET /-FxUY4RA4GzQ/UhAFG30425I/AAAAAAAAA3U/92NABmpoung/s320/Slide3.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v376"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide3.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 46987
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bloglovin.com/widget/subscribers.php?id=5196479&lang=en

194.0.59.31

200 OK

486 B

URL HTTP/1.1
www.bloglovin.com/widget/subscribers.php?id=5196479&lang=en
IP
194.0.59.31:0
ASN
#16150 Availo Networks AB

File type
GIF image data, version 89a, 119 x 27\012- data
Size
486 B (486 bytes)
Hash
bbd745927e550ef3498cf457febd7744
15409cc4949b3dd7788df40e3da976e362e8e190
d67b79fa12b20239d19db99ab2abbf4290695754a4864ad4624f38caa357255a

HTTP Headers

GET /widget/subscribers.php?id=5196479&lang=en HTTP/1.1
Host: www.bloglovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 18:41:50 GMT
Content-Type: image/gif
Content-Length: 486
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: public, max-age=1800
X-Varnish: 451423774
Age: 0
Via: 1.1 varnish (Varnish/5.2)
bl-cache-status: MISS
bl-CDN-Provider: None
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
269485027c7ab119ac9289f7b212b68b
d00a569112111c45ffb2c2dce77a75454766950a
6179c61745c41c0cb4eb57697ec68623355b0cabd6a77f0fbfca5e21687c8d94

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6179C61745C41C0CB4EB57697EC68623355B0CABD6A77F0FBFCA5E21687C8D94"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3202
Expires: Fri, 09 Dec 2022 19:35:06 GMT
Date: Fri, 09 Dec 2022 18:41:44 GMT
Connection: keep-alive

1.bp.blogspot.com/-yDityW_XQJ0/Udc5ieIlhWI/AAAAAAAAAyI/yYiDG-xnw4I/s320/betsybutton.png

142.250.74.161

200 OK

108 kB

URL HTTP/1.1
1.bp.blogspot.com/-yDityW_XQJ0/Udc5ieIlhWI/AAAAAAAAAyI/yYiDG-xnw4I/s320/betsybutton.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 301, 8-bit/color RGB, non-interlaced\012- data
Size
108 kB (107493 bytes)
Hash
a08a57641b92a3719170e877e8befc9d
97df54fc5fb43aad702b998cb4182e78d9eb2e54
77895f5e7cf11e6bf883fe77bc7dcf03b5aa299826201cb3f93d39faa2cea80b

HTTP Headers

GET /-yDityW_XQJ0/Udc5ieIlhWI/AAAAAAAAAyI/yYiDG-xnw4I/s320/betsybutton.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v322"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="betsybutton.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 107493
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.bp.blogspot.com/-B5tVdt_CB50/UhAE7H-1G_I/AAAAAAAAA3M/Pf5pSNGuWHA/s320/Slide2.png

142.250.74.161

200 OK

39 kB

URL HTTP/1.1
1.bp.blogspot.com/-B5tVdt_CB50/UhAE7H-1G_I/AAAAAAAAA3M/Pf5pSNGuWHA/s320/Slide2.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
39 kB (39228 bytes)
Hash
db7b66213d5937ee4cc1f0187f4d4f6b
bcb4258fbb8586a6483e476dd67f1bb95f5df5fa
b33bd4c0771ae18678b52538dfccc47573fe5da85e4e8eca140fd710ec030c0c

HTTP Headers

GET /-B5tVdt_CB50/UhAE7H-1G_I/AAAAAAAAA3M/Pf5pSNGuWHA/s320/Slide2.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v374"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide2.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 39228
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3015
Cache-Control: max-age=166878
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:03:02 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

1.bp.blogspot.com/-ZdVQUj7T3IE/UhAFYO3JIwI/AAAAAAAAA3c/R97Hl2KqtZk/s320/Slide4.png

142.250.74.161

200 OK

41 kB

URL HTTP/1.1
1.bp.blogspot.com/-ZdVQUj7T3IE/UhAFYO3JIwI/AAAAAAAAA3c/R97Hl2KqtZk/s320/Slide4.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced\012- data
Size
41 kB (40848 bytes)
Hash
a293829e6f538cdae739c7913d640e60
7357263036a9d51922b31d09656f136d4f634449
eed475bf739b0c770d42022d212174bd82330e1f56a814dd5e671da832f33e11

HTTP Headers

GET /-ZdVQUj7T3IE/UhAFYO3JIwI/AAAAAAAAA3c/R97Hl2KqtZk/s320/Slide4.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v378"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Slide4.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 40848
X-XSS-Protection: 0

i1090.photobucket.com/albums/i366/dreamlikemagic/footer-31.png

143.204.55.54

200 OK

6.0 kB

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/footer-31.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.0 kB (6000 bytes)
Hash
812c40c8d164e4d6d3ec4c064c2756b4
c398ee1797db784cdf20e22ad00958dee5c3fec3
57ffb32170bdb5d68646308257f3b87f8baf4576104877d1da85d753fe4c3022

HTTP Headers

GET /albums/i366/dreamlikemagic/footer-31.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 6000
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="footer-31.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-5281d257574350636b9e5f65
x-request-id: 8JBdTHSETys_C7HJMac7x
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NNm843QOqvi_aKimHkan0aNI311mFLo3k6xXcLFUieqlCv9bcd34_Q==
vary: Accept, Origin
X-Firefox-Spdy: h2

i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/signature-1053.png

143.204.55.54

200 OK

2.7 kB

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/signature-1053.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.7 kB (2710 bytes)
Hash
a8ede2d625b4d2e50eecb39c17aa4d3d
d6a87ce4d142f964fe8f1ebf56bbf6a7679328ca
5afbbdcae058b0a714a9e3ab5b0f191f3c0553bde387660fefe3318f56e81fdb

HTTP Headers

GET /albums/i366/dreamlikemagic/blogs/signature-1053.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 2710
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="signature-1053.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-357bc16118dcbf327fcd8ab9
x-request-id: K5wBg7deTjyl6NUfzxeGb
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AzFQXZVLFiCh-d2XX8Ob63VsUrtgGX3g2ySi3QCV4IgZqGzcuH3IaA==
vary: Accept, Origin
X-Firefox-Spdy: h2

1.bp.blogspot.com/-71b4A7RDzLo/UTq2mr2UP7I/AAAAAAAAAnU/TnBjyCJnfaE/s1600/PI.png

142.250.74.161

200 OK

4.2 kB

URL HTTP/1.1
1.bp.blogspot.com/-71b4A7RDzLo/UTq2mr2UP7I/AAAAAAAAAnU/TnBjyCJnfaE/s1600/PI.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 65 x 98, 8-bit/color RGB, non-interlaced\012- data
Size
4.2 kB (4202 bytes)
Hash
8bea7bdb5f98b0d18b0ce66081c9f8cc
82f9dd47f9c1ce8924f0a135bbf6b6e3ecd62f31
dba31047287c909d1b1b00f2e61daada1826de8fb3e6f2de22c68f256811ca6d

HTTP Headers

GET /-71b4A7RDzLo/UTq2mr2UP7I/AAAAAAAAAnU/TnBjyCJnfaE/s1600/PI.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v27a"
Expires: Sat, 10 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="PI.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 09 Dec 2022 18:41:44 GMT
Server: fife
Content-Length: 4202
X-XSS-Protection: 0

i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/button-778.png

143.204.55.54

200 OK

6.5 kB

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/button-778.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.5 kB (6520 bytes)
Hash
b0f9a3539c6756bc480ea7b3bc08c423
1423dcb729a2bf48739720c864c4a14c18188339
d5cbac6b4050889e5dafbfefeeb0a0e4b3ee7460aec7df730129869e6dcf1c56

HTTP Headers

GET /albums/i366/dreamlikemagic/blogs/button-778.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 6520
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="button-778.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-57814889716680047f335d09
x-request-id: 9SrvDApqnRBNF5M83kdVr
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NxVcQ3Upp1Kuv1YAoPFulrxXI0hEMPuFhglNW9RMW5XSABkTCtULlQ==
vary: Accept, Origin
X-Firefox-Spdy: h2

www.blogger.com/navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__

142.250.74.73

200 OK

2.6 kB

URL HTTP/2
www.blogger.com/navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
142.250.74.73:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Size
2.6 kB (2610 bytes)
Hash
8ae7a113b8efbc61e78f7df88ddcdbff
b10a5ba357e94a32da9fe22b6ab75dff32acb1c5
14cf35e4c23303293e373636b3bddfebbffca8c6cdf7404d645d0078a5d49b81

HTTP Headers

GET /navbar.g?targetBlogID=1794519403126134013&blogName=All+That+Glitters+In+First+Grade&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://allthatglittersinfirstgrade.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://allthatglittersinfirstgrade.blogspot.com/&vt=7848240109773970793&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 18:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2610
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i1090.photobucket.com/albums/i366/dreamlikemagic/side-120.png

143.204.55.54

200 OK

308 B

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/side-120.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
308 B (308 bytes)
Hash
87243dde03d7e2cb23c377a350bc371d
01aef42fb6f1881ebcd7cc6858750088fdeb47a1
9d6c44d3d7df4b5c83ebf893b567493ffa983997d1ba9027f0bfa91fd43c9fc7

HTTP Headers

GET /albums/i366/dreamlikemagic/side-120.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 308
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="side-120.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-14b801c46ccb5bb55660196d
x-request-id: iJ9S963aVi9iRzPodKg9b
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wc24Dxk5kE4JNsedcs-7ktm83B_L9AHTSRP3OnAbHgx30QlRbueYyQ==
vary: Accept, Origin
X-Firefox-Spdy: h2

i1205.photobucket.com/albums/bb428/kpmdoodles/blogbuttonkpm.jpg

143.204.55.54

200 OK

6.6 kB

URL HTTP/2
i1205.photobucket.com/albums/bb428/kpmdoodles/blogbuttonkpm.jpg
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.6 kB (6606 bytes)
Hash
32c13717006e0d464d4b61e3b8849402
5d464fcbd9af5780ceb053e23f25d96e5ca9d0f4
0a550edcc39d763f37ac19797696373d85646e93e8bcb14c6d99798f6bf20875

HTTP Headers

GET /albums/bb428/kpmdoodles/blogbuttonkpm.jpg HTTP/1.1
Host: i1205.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 6606
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="blogbuttonkpm.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-17db8d743e836f0d01460382
x-request-id: 36ogEt7To3Mz8vEWvLVzh
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cGZaRCn93Ky1u2f9EoGGLielSCTyTZdTulg2KKmuhzUOaNm9661Sfg==
vary: Accept, Origin
X-Firefox-Spdy: h2

i1090.photobucket.com/albums/i366/dreamlikemagic/bg-1516.png

143.204.55.54

200 OK

69 kB

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/bg-1516.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
69 kB (68886 bytes)
Hash
881d7e97cae17960481f037b66d8ba07
b4ed17174d239a81929763e20fbb150d3e67ac4d
62656090d43b87d80e6e89e44f5e85052f4284356c0fccbcc6ee0fcf5860f6bc

HTTP Headers

GET /albums/i366/dreamlikemagic/bg-1516.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 68886
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="bg-1516.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-326816e274d42c327c36072d
x-request-id: kTVe_Nx2GnrhWK8vUYLuF
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ELVzEw9pngw6SoyXWXkOzwwkp0GezhMuPxHpFD9YMeQbDCl-uuadkg==
vary: Accept, Origin
X-Firefox-Spdy: h2

www.teacherspayteachers.com/widgets/get/3134

104.66.112.207

200 OK

820 B

URL HTTP/1.1
www.teacherspayteachers.com/widgets/get/3134
IP
104.66.112.207:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with CRLF line terminators
Size
820 B (820 bytes)
Hash
b99faf01eb4341f24dfc83f586bf7717
37508820944b6064962669cb418d6c167e8c388b
ea54be3256baa88c7813baaf431a2c70a2b383e5c1bec07639aae65375d46358

HTTP Headers

GET /widgets/get/3134 HTTP/1.1
Host: www.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
X-Request-Trace-Id: 63938168-85f0-4ab1-a40b-474f102191d0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Frame-Options: ALLOWALL
Content-Encoding: gzip
Content-Length: 820
Date: Fri, 09 Dec 2022 18:41:44 GMT
Connection: keep-alive
Set-Cookie: ajs_anonymous_id=4151e891-794e-4f37-82fb-180efd43b452; expires=Mon, 06-Dec-2032 18:41:44 GMT; Max-Age=315360000; path=/; domain=.teacherspayteachers.com
Ti=dbf61b9e-54f1-45e5-84e2-60b736219f59
TPTC=40d47272b75a88ab79db0963c47b4330; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1670611303; path=/; domain=.teacherspayteachers.com
TPTU=40d47272b75a88ab79db0963c47b4330; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1670611303; path=/; domain=.teacherspayteachers.com
GAPI=removecachecookie; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1670611303; path=/; secure; httponly
TPT-GROUP=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.teacherspayteachers.com
darklyUser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
TPT-AB-HASH=c50555a5c048b02169d46d4984149949; expires=Sat, 09-Dec-2023 18:41:44 GMT; Max-Age=31536000; path=/; domain=.teacherspayteachers.com
TPT=sav4d1lk839utgdimr5hvu5592; expires=Fri, 09-Dec-2022 20:41:44 GMT; Max-Age=7200; path=/; domain=.teacherspayteachers.com; secure; HttpOnly
device=desktop; expires=Fri, 23-Dec-2022 18:41:44 GMT; Max-Age=1209600; path=/; domain=.teacherspayteachers.com
csrfToken=76bb3961fd9c841ef1b944f402009e9454283595d05c2c7bb64b3f7bf7a185757a59f2f6e96a95a0c743d30142de04f83344b9b9552e1336bc9daf3ef96e4656.1670611304.3397; path=/; domain=.teacherspayteachers.com; secure
Strict-Transport-Security: max-age=63072000; includeSubdomains

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
101b88a5a141e4659cc3150b7ca565b6
898ea48b6bb3c316e651cb4bc6451be06c050ab9
5ae54f788fa6724f16af03528f24db2ecbbefd8e5fc9af7fb2a79551911ca09f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3015
Cache-Control: max-age=166878
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Etag: "63935e7f-1d7"
Expires: Sun, 11 Dec 2022 17:03:02 GMT
Last-Modified: Fri, 09 Dec 2022 16:12:47 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

www.goodreads.com/?shelfari_flash=true

52.94.237.126

200 OK

20 kB

URL HTTP/1.1
www.goodreads.com/?shelfari_flash=true
IP
52.94.237.126:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6197)
Size
20 kB (19727 bytes)
Hash
4319ca0d94320f401e7204c7016be780
c4ea151306b60bcd606669ef0f24599b6de21e48
076ea864932321a9be8376c472f365169e67b888934d3ef4cd0a39f3e6ecb7c2

HTTP Headers

GET /?shelfari_flash=true HTTP/1.1
Host: www.goodreads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Server
Date: Fri, 09 Dec 2022 18:41:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-rid: AV4E0FE9XTJBYZQ8C70P
Set-Cookie: ccsid=578-2950645-3940732; path=/; expires=Tue, 09 Dec 2042 18:41:44 -0000
locale=en; path=/
_session_id2=85d7c7c122dfceea016cb6e4e2a16ae1; path=/; expires=Sat, 10 Dec 2022 00:41:44 -0000; HttpOnly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
ETag: W/"18c6d940755b545a1beef7fb8828aab8"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: AV4E0FE9XTJBYZQ8C70P
X-Runtime: 0.143741
X-Content-Type-Options: nosniff, nosniff
Content-Encoding: gzip
Vary: User-Agent,Content-Type,Accept-Encoding,User-Agent

static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/jfhkzk0jci3.css?_nc_x=Ij3Wp8lg5Kz

157.240.221.16

200 OK

5.0 kB

URL HTTP/2
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/jfhkzk0jci3.css?_nc_x=Ij3Wp8lg5Kz
IP
157.240.221.16:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (4431)
Size
5.0 kB (5015 bytes)
Hash
0d5c092c6b11d59ef4cca6da9c288e67
1e1109590bec09b0c84b31dead5d04a221630143
dd829a562de3cff3683e66e7c4323cba6bf39bac959088788d354d6b087d5aca

HTTP Headers

GET /rsrc.php/v3/y1/l/0,cross/jfhkzk0jci3.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 08 Dec 2023 16:03:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DVwJLGsR1Z70zKbanCiOZw==
x-fb-debug: 389s1Q0jV1kfVfp+5ofqe1p4Wboooon02N+xLT1dkxN6QhxcXNJlg6PjCudlkmYdmD7peEKeKG3VgQUqHmP9sg==
priority: u=3,i
content-length: 5015
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 18:41:44 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i1090.photobucket.com/albums/i366/dreamlikemagic/main-30.png

143.204.55.54

301 Moved Permanently

167 B

URL HTTP/1.1
i1090.photobucket.com/albums/i366/dreamlikemagic/main-30.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/i366/dreamlikemagic/main-30.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 09 Dec 2022 18:41:44 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i1090.photobucket.com/albums/i366/dreamlikemagic/main-30.png
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GE4WpkmheUT1eMmaM4CSvhidqduTHtGc4la2-BLPvx4lxXHwiwq-mg==
Vary: Origin

kevinandamanda.com/buttons/fsf.jpg

188.114.96.1

503 Service Temporarily Unavailable

188 B

URL HTTP/1.1
kevinandamanda.com/buttons/fsf.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
188 B (188 bytes)
Hash
7a0eb434d044f6d418d41520a7e677fe
1d0aa66b6a2cabf7c013e90a38b681bce53857bc
4a236cb6a986c5d307e0eabc396e232bbd8bb73819dd15104e4b109a28c7c558

HTTP Headers

GET /buttons/fsf.jpg HTTP/1.1
Host: kevinandamanda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 503 Service Temporarily Unavailable
Date: Fri, 09 Dec 2022 18:41:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cutQccmApmAjkQUHB6Yx2JlnqqJFxdcyZvJ2t7sGrQiQhP9aom%2BrSvE6%2FKO%2F%2FiM57g3wKCWq4%2FeTpuV%2ByhTaNocEketomYtjiOX8WJHlv4TFzFT8R67uyJwsYg6hIoxDRCMmFHk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776fe06d4e5a1bfa-OSL
alt-svc: h2=":443"; ma=60

i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/header-1557.png

143.204.55.54

200 OK

55 kB

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/blogs/header-1557.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
55 kB (55144 bytes)
Hash
f3fd31627c3e6622bef13d309be5dc73
ab11112b8200e7e983203e491f0bde8339cf5d33
95871a3fad3c76fd081ccd12337f48c1b9ec9bb8174f57d31edafdcacffe58cf

HTTP Headers

GET /albums/i366/dreamlikemagic/blogs/header-1557.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 55144
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="header-1557.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-44df4633262ef139178e927c
x-request-id: zdnTSAljpYQp6w76fHurN
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cgSldievyUIfgYwXJRLk9mK6d_Z0C_hA7DqlAw_tHiiVUXBiwbJXhA==
vary: Accept, Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i1090.photobucket.com/albums/i366/dreamlikemagic/main-30.png

143.204.55.54

200 OK

314 B

URL HTTP/2
i1090.photobucket.com/albums/i366/dreamlikemagic/main-30.png
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
314 B (314 bytes)
Hash
aa12b693a971876efc318f0b409f9909
b23869ed7a41e0bafdc58e0fedb40a49e3c2b11e
eca09f8dd0cf799c4ae1630bfc5c3c22951b3187e5f7108220aa52e13474d235

HTTP Headers

GET /albums/i366/dreamlikemagic/main-30.png HTTP/1.1
Host: i1090.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 314
date: Fri, 09 Dec 2022 18:41:44 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="main-30.webp"
expires: Sat, 09 Dec 2023 18:41:44 GMT
server: photobucket
x-amzn-trace-id: Root=1-63938168-7e744da254cf7216232420d3
x-request-id: y1Bp36hLUwaWWPCW9rM4Y
x-cache: Miss from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F04gg4vzrl5iKwuCp8lukMk4hBbSOiKkQa57GFrn0rAza4rtixAcaA==
vary: Accept, Origin
X-Firefox-Spdy: h2

allthatglittersinfirstgrade.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBmuZIG0CxICwTuVc2eiHV3EDOxAmGxrKVOt2p21xX2mBZgjs7gtXGtMt1Jr0ydo52m8Rh7lbBmjOAhX1X5lSdP_sA3NA

172.217.21.161

200 OK

261 B

URL HTTP/1.1
allthatglittersinfirstgrade.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBmuZIG0CxICwTuVc2eiHV3EDOxAmGxrKVOt2p21xX2mBZgjs7gtXGtMt1Jr0ydo52m8Rh7lbBmjOAhX1X5lSdP_sA3NA
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (409), with no line terminators
Size
261 B (261 bytes)
Hash
8a00c2beb2ee8c4829fc372edc5789fe
fd96b30dd6a65669d9f750b601cbc374a5b41d5c
22d356fedfc36289ec2e69814e692a62939e9f44b57d3cc06e5b925981e3c949

HTTP Headers

GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBmuZIG0CxICwTuVc2eiHV3EDOxAmGxrKVOt2p21xX2mBZgjs7gtXGtMt1Jr0ydo52m8Rh7lbBmjOAhX1X5lSdP_sA3NA HTTP/1.1
Host: allthatglittersinfirstgrade.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:41:44 GMT
Expires: Fri, 09 Dec 2022 18:41:44 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 261
Server: GSE

2.bp.blogspot.com/-ly5DJctXZ7k/VLadR8ciKvI/AAAAAAAADTQ/Or4jxDY5rTI/s45-c/Fun%25252Band%25252BFearless%25252Bin%25252BFirst%25252BButton.png

142.250.74.161

200 OK

4.7 kB

URL HTTP/2
2.bp.blogspot.com/-ly5DJctXZ7k/VLadR8ciKvI/AAAAAAAADTQ/Or4jxDY5rTI/s45-c/Fun%25252Band%25252BFearless%25252Bin%25252BFirst%25252BButton.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4657 bytes)
Hash
0f4aab926324fb14b3d13f4e998de3b3
887b001394b98f7733045c13ff1d3f9a4310e10e
86ac5c4c3088075aeb35d2a9223897a880e9dd7a70f5ff2132ad569079ee51e2

HTTP Headers

GET /-ly5DJctXZ7k/VLadR8ciKvI/AAAAAAAADTQ/Or4jxDY5rTI/s45-c/Fun%25252Band%25252BFearless%25252Bin%25252BFirst%25252BButton.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd36"
expires: Sat, 10 Dec 2022 18:41:44 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Fun%2Band%2BFearless%2Bin%2BFirst%2BButton.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:44 GMT
server: fife
content-length: 4657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5bdd65780397c16e1f11d2144025fed
7631c404b4f9bcb38d95ef6527de5b9ca8104579
bc8cdd03ed2e87ad1405c91f28d8d6a3b88972f75756e531e854165111b07ecd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:41:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2.bp.blogspot.com/-RcM-qT7W4Ts/T9kwerqYZRI/AAAAAAAAATY/RMmAx_3Ogd0/s45-c/spedventuresbutton.png

142.250.74.161

200 OK

3.9 kB

URL HTTP/2
2.bp.blogspot.com/-RcM-qT7W4Ts/T9kwerqYZRI/AAAAAAAAATY/RMmAx_3Ogd0/s45-c/spedventuresbutton.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3904 bytes)
Hash
30b26fbbf5d49608b21ce85ea1af9cd7
a28178184889cc990a25eea973219c8ffc1ba777
590e198a2f0de97a7614c6b64d4dd444f6f48d4bda9fb31772dc061a6dcda0fc

HTTP Headers

GET /-RcM-qT7W4Ts/T9kwerqYZRI/AAAAAAAAATY/RMmAx_3Ogd0/s45-c/spedventuresbutton.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v136"
expires: Sat, 10 Dec 2022 18:41:45 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="spedventuresbutton.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:45 GMT
server: fife
content-length: 3904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:41:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:41:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:41:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:41:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2189
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:41:45 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5188 bytes)
Hash
fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 16:56:53 GMT
age: 6292
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 53999
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6578 bytes)
Hash
8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 54438
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5169 bytes)
Hash
06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 52377
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 52478
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12748 bytes)
Hash
730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:44:29 GMT
age: 39436
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

allthatglittersinfirstgrade.blogspot.com/favicon.ico

172.217.21.161

200 OK

412 B

URL HTTP/1.1
allthatglittersinfirstgrade.blogspot.com/favicon.ico
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
412 B (412 bytes)
Hash
501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: allthatglittersinfirstgrade.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 09 Dec 2022 18:41:45 GMT
Date: Fri, 09 Dec 2022 18:41:45 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 04 Dec 2022 18:35:12 GMT
ETag: W/"05903bf530b3404d2fb455a181d11d2afe815c6f292ece71816d4aebef9349a9"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE

2.bp.blogspot.com/-hTcapDYqBYU/UbIpv_-Sk9I/AAAAAAAAAHM/l4TwEZXyclc/s45-c/alisha%252525252Bthanksgiving%252525252B2%252525252Bnov%252525252B2012%252525252Bb%252525252B%252525252526%252525252Bw%252525252Bresized%252525252B60.jpg

142.250.74.161

200 OK

1.8 kB

URL HTTP/2
2.bp.blogspot.com/-hTcapDYqBYU/UbIpv_-Sk9I/AAAAAAAAAHM/l4TwEZXyclc/s45-c/alisha%252525252Bthanksgiving%252525252B2%252525252Bnov%252525252B2012%252525252Bb%252525252B%252525252526%252525252Bw%252525252Bresized%252525252B60.jpg
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Size
1.8 kB (1824 bytes)
Hash
19d5613174e3dde375dcff3afcb2455d
4735ee4f15395d75743eb0d2bc88b2d316a5beaa
d699a90d0de9f7e7aa90ff7063ef81c158f5237d838be2fa9188c3dd14ecbfb3

HTTP Headers

GET /-hTcapDYqBYU/UbIpv_-Sk9I/AAAAAAAAAHM/l4TwEZXyclc/s45-c/alisha%252525252Bthanksgiving%252525252B2%252525252Bnov%252525252B2012%252525252Bb%252525252B%252525252526%252525252Bw%252525252Bresized%252525252B60.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v74"
expires: Sat, 10 Dec 2022 18:41:45 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="alisha%25252Bthanksgiving%25252B2%25252Bnov%25252B2012%25252Bb%25252B%25252526%25252Bw%25252Bresized%25252B60.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 18:41:45 GMT
server: fife
content-length: 1824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.teacherspayteachers.com/widgets/show/3134?widgetref=http://allthatglittersinfirstgrade.blogspot.com/

104.66.112.207

200 OK

1.4 kB

URL HTTP/1.1
www.teacherspayteachers.com/widgets/show/3134?widgetref=http://allthatglittersinfirstgrade.blogspot.com/
IP
104.66.112.207:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (663), with CRLF, LF line terminators
Size
1.4 kB (1353 bytes)
Hash
e9f4fbf6ad255e773ea6ac3207e76f95
aaeba52e03eff3c49dcee6b54310902befe9476e
b4d50907a5fa04fb8df8283e8a7dee92a64549e80ab9266ec2990fd3d430e874

HTTP Headers

GET /widgets/show/3134?widgetref=http://allthatglittersinfirstgrade.blogspot.com/ HTTP/1.1
Host: www.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
X-Request-Trace-Id: 63938169-0eac-4317-b2b8-4875102191d0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 18:41:45 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Frame-Options: ALLOWALL
Content-Encoding: gzip
Content-Length: 1353
Date: Fri, 09 Dec 2022 18:41:45 GMT
Connection: keep-alive
Set-Cookie: ajs_anonymous_id=4ddade91-8b60-4a17-a9c5-7596c7d2f255; expires=Mon, 06-Dec-2032 18:41:45 GMT; Max-Age=315360000; path=/; domain=.teacherspayteachers.com
Ti=716f7973-9d48-4eaf-9281-570b0064b390
TPTC=80cb90e1d18b8328511be949e4a9632f; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1670611304; path=/; domain=.teacherspayteachers.com
TPTU=80cb90e1d18b8328511be949e4a9632f; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1670611304; path=/; domain=.teacherspayteachers.com
GAPI=removecachecookie; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1670611304; path=/; secure; httponly
TPT-GROUP=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.teacherspayteachers.com
darklyUser=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
TPT-AB-HASH=319bf8cf09c70c5de99048342153ea9a; expires=Sat, 09-Dec-2023 18:41:45 GMT; Max-Age=31536000; path=/; domain=.teacherspayteachers.com
TPT=quoak7s6onvtqlvb45qrigctq5; expires=Fri, 09-Dec-2022 20:41:45 GMT; Max-Age=7200; path=/; domain=.teacherspayteachers.com; secure; HttpOnly
device=desktop; expires=Fri, 23-Dec-2022 18:41:45 GMT; Max-Age=1209600; path=/; domain=.teacherspayteachers.com
csrfToken=817355ca7da0d49a6ec33fe4af23192113d15f12e3a06a63568109ecbacc80ef68012642ca4e90cdebfb8ed10afc416b376172463a2283f8166d3f6f0f63ab27.1670611305.5116; path=/; domain=.teacherspayteachers.com; secure
Strict-Transport-Security: max-age=63072000; includeSubdomains

assets.teacherspayteachers.com/a93ad7fb4/img/widget/logo_v.png

23.38.200.36

200 OK

6.4 kB

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/img/widget/logo_v.png
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 189 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6432 bytes)
Hash
3add75529e1fa3c4465051b091bb7398
7a9ff334a0d1855c1c84c67f9d6c109817eea0a3
00f18f78fd3858d97bf59eebe973fcceea13f7e87c33ac5d953c04f49a752444

HTTP Headers

GET /a93ad7fb4/img/widget/logo_v.png HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: rtJPVwwW+zhZCnxipXXLOwZrGkD6QVaoKJnB/6oIEswWEgLdQfBb+RE5xp94292Db9DaG+NYUU8=
x-amz-request-id: 3YMTNFWYTNDTXZXY
last-modified: Fri, 09 Dec 2022 16:01:36 GMT
etag: "3add75529e1fa3c4465051b091bb7398"
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 6432
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery-1.11.1.min.js

23.38.200.36

200 OK

34 kB

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery-1.11.1.min.js
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (32073)
Size
34 kB (33586 bytes)
Hash
007a9a247c6d2fbe2affc3adc87309bc
b47a7b0cb8cc7cd22248f4e9b76fadad783217c1
2de7586b128e06e1ea0391c55eaa1be7d174edc700393f246fa7d6231d987f78

HTTP Headers

GET /a93ad7fb4/js-min/vendor/jquery-1.11.1.min.js HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teacherspayteachers.com
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
x-amz-id-2: 6/VMEy96d21+n/+cCW4D9R3iYT+jOFBLvdj7SumQVj0pWw4sTV+bzqQZ1N/FUW2uRe6kdTTszgQ=
x-amz-request-id: 3YMGT1MZTM5KRS4P
last-modified: Fri, 09 Dec 2022 16:01:07 GMT
etag: "beb521d7a1e436bd2b55b522429df502"
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 09 Dec 2022 18:41:46 GMT
content-length: 33586
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/css/customer/tpt_widget.min.css

23.38.200.36

200 OK

1.8 kB

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/css/customer/tpt_widget.min.css
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (5880), with no line terminators
Size
1.8 kB (1775 bytes)
Hash
05b1eb06f9e82b9b21861707c662aae7
b27bfd496911642760e5a46d153b9804290018bb
c852e336c40b1f9d63054ae295001af2d691dff5e225fe2e45fa883848fb8f2d

HTTP Headers

GET /a93ad7fb4/css/customer/tpt_widget.min.css HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
x-amz-id-2: B7QwguC6b+EGRZd/Hn87m3G5e3PefsRWyN6oCUHvKlKYjIlsk0WZjjOA0NUkq6RZPr1KMFPibaw=
x-amz-request-id: 3YMNFRBJN6H2A6K4
last-modified: Fri, 09 Dec 2022 16:01:26 GMT
etag: "25b861b73e480c19137444ab6fda738e"
accept-ranges: bytes
content-type: text/css
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 09 Dec 2022 18:41:46 GMT
content-length: 1775
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.browser.js

23.38.200.36

200 OK

1.4 kB

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.browser.js
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (4154)
Size
1.4 kB (1416 bytes)
Hash
5f6fdb44a4566cf41b57cc4c4fc5413b
5bf9be92ae2d6907438c654efe31a6c91c934c64
dd1e624ca6ffbd761a0e2b7e3c42096913f92423286284fe0ccb28adbcb18372

HTTP Headers

GET /a93ad7fb4/js-min/vendor/jquery.browser.js HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teacherspayteachers.com
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
x-amz-id-2: Z1crN1Km/oKhMPcEqhSkDWG8cnfEne9X3sqwft4yJ3C/5XNmWL0YTOjx71YY28xryXn11x1BgI4=
x-amz-request-id: 3YMRPRSB7XD22GRX
last-modified: Fri, 09 Dec 2022 16:01:07 GMT
etag: "5b4e2b6691907d9b92313a4c4704aaa4"
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 09 Dec 2022 18:41:46 GMT
content-length: 1416
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.cycle.all.js

23.38.200.36

200 OK

7.5 kB

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/js-min/vendor/jquery.cycle.all.js
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (26100)
Size
7.5 kB (7545 bytes)
Hash
a6421b79482d050d58800522a8918242
0e624712794effa0fcaef788477036bb7cc01949
5d3c1d877650675c04e55bee68a5870cfde3aa42deff41accbb58c82a4b36721

HTTP Headers

GET /a93ad7fb4/js-min/vendor/jquery.cycle.all.js HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teacherspayteachers.com
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
x-amz-id-2: 7b1RkBfBjBGQo3nPhv9E44syi1uWWlDi5TVPiRZbH+g9Re847iLZwFjEdtEV11bXXy8/KPmJ7LE=
x-amz-request-id: 3YMSAHW6B6CFSY3Z
last-modified: Fri, 09 Dec 2022 16:01:07 GMT
etag: "44ed443535dae171e3a9540698056a8c"
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 09 Dec 2022 18:41:46 GMT
content-length: 7545
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/img/widget/bg_v.png?rand=123

23.38.200.36

200 OK

1.1 kB

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/img/widget/bg_v.png?rand=123
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 200 x 365, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1127 bytes)
Hash
332bd83566ea633b3614eb22381bd4e2
52be409c60c5966424379a131d3f99612b0a83f6
b648b3a7628475a41aacbda8ebff0a44f186644eae004ed5c42b5f1a8d10ae89

HTTP Headers

GET /a93ad7fb4/img/widget/bg_v.png?rand=123 HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.teacherspayteachers.com/a93ad7fb4/css/customer/tpt_widget.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-amz-id-2: HkokdqhAmxp1Eiy5j58Rwm+2yj8KNSZ1rkw3CsdsmbHCLhcM15fs2Y4LSAXGN5dWsUl6Az50uJ8=
x-amz-request-id: 396SK2CQG9M1AE06
last-modified: Fri, 09 Dec 2022 16:01:36 GMT
etag: "332bd83566ea633b3614eb22381bd4e2"
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 1127
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/img/widget/prev_btn_inactive.png?rand=123

23.38.200.36

200 OK

390 B

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/img/widget/prev_btn_inactive.png?rand=123
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 39 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
390 B (390 bytes)
Hash
e50ca6306b5fbe2b40e0a18a1e2d54b0
647fa1b7457477c139c9c39ce517afd19fa91cba
0145887185eabae981b19fc3fa5bf59b6b3c244dc0ed70028714e664d035084f

HTTP Headers

GET /a93ad7fb4/img/widget/prev_btn_inactive.png?rand=123 HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.teacherspayteachers.com/a93ad7fb4/css/customer/tpt_widget.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-amz-id-2: HJXrB+T3/8emPVuDKlZapVzxVEVWvF/AgDTVYWMPMFaUC/Rs9R++fIPGo8EN6rhiNSVuxzmlqVE=
x-amz-request-id: 396HTMDDWB07GFFG
last-modified: Fri, 09 Dec 2022 16:01:36 GMT
etag: "e50ca6306b5fbe2b40e0a18a1e2d54b0"
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 390
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.teacherspayteachers.com/a93ad7fb4/img/widget/next_btn.png?rand=123

23.38.200.36

200 OK

457 B

URL HTTP/2
assets.teacherspayteachers.com/a93ad7fb4/img/widget/next_btn.png?rand=123
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 39 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
457 B (457 bytes)
Hash
7da1f5a279a9b7c908daa87977843c3d
ae441930b0cb5f51b36cb4201ecde309427855ba
e08cb01ab4b8d1bf5c20cfb53abff0f2f889cecb576e9758f7058ca2c544fe2c

HTTP Headers

GET /a93ad7fb4/img/widget/next_btn.png?rand=123 HTTP/1.1
Host: assets.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.teacherspayteachers.com/a93ad7fb4/css/customer/tpt_widget.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-amz-id-2: exu7yIu2XnVIiFkCFH7glD6QzV/QR6eibAeU2rv36zYR25M1JWduxD8A80q+Lo0iJs3tJ9sGazo=
x-amz-request-id: 396W6HYMTWFRWC5M
last-modified: Fri, 09 Dec 2022 16:01:36 GMT
etag: "7da1f5a279a9b7c908daa87977843c3d"
accept-ranges: bytes
content-type: image/png
server: AmazonS3
content-length: 457
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecdn.teacherspayteachers.com/thumbitem/Sound-of-the-Day-Consonant-Blends/home-464896-1.jpg

23.38.200.36

200 OK

9.4 kB

URL HTTP/2
ecdn.teacherspayteachers.com/thumbitem/Sound-of-the-Day-Consonant-Blends/home-464896-1.jpg
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 140x140, components 3\012- data
Size
9.4 kB (9372 bytes)
Hash
14d20d1c0593b1e1f669c319c9b2712d
9d82edcd6627cb86310b5c04b296bf5c79d114c1
a4883b00a2a4db5c201db0ccdcc86c1cf0271baac3d24046f394974c1ec5ab6b

HTTP Headers

GET /thumbitem/Sound-of-the-Day-Consonant-Blends/home-464896-1.jpg HTTP/1.1
Host: ecdn.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
etag: "14d20d1c0593b1e1f669c319c9b2712d"
last-modified: Fri, 08 Apr 2016 10:55:55 GMT
server: nginx/1.23.1
x-amz-id-2: DP6BRYmSpIBIv3jcHf47uzxqIyZAQ3egbdx/HuV78caSxoheeFgzMNTMrNWN9ocZ4HSfh249QzE=
x-amz-request-id: 110Z5T8KYA4JYCBM
x-amz-version-id: null
content-length: 9372
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=27, origin; dur=158
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecdn.teacherspayteachers.com/thumbitem/We-Love-Breakfast-Money-and-Time-Math-Centers/home-210532-1.jpg

23.38.200.36

200 OK

13 kB

URL HTTP/2
ecdn.teacherspayteachers.com/thumbitem/We-Love-Breakfast-Money-and-Time-Math-Centers/home-210532-1.jpg
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 140x140, components 3\012- data
Size
13 kB (13294 bytes)
Hash
17a869f6cf1df30f6f7193e68e2a149b
0df1451a23c1351b1cba094d0a7b9dadca59537e
11e6625ee60e96db9748319eb1b165ebd84237549a9d5b0afb37f3097b9ad98f

HTTP Headers

GET /thumbitem/We-Love-Breakfast-Money-and-Time-Math-Centers/home-210532-1.jpg HTTP/1.1
Host: ecdn.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
etag: "17a869f6cf1df30f6f7193e68e2a149b"
last-modified: Tue, 05 Apr 2016 05:05:41 GMT
server: nginx/1.23.1
x-amz-id-2: EJ3OL7T4mzmtZ4CEgobrvVboSYBeTWIMH/cd4vWs67zOY01DXkq2vIDUf0l937KFYxerXm9OEaE=
x-amz-request-id: 110P6662A2NZPBXE
x-amz-version-id: null
content-length: 13294
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=43, origin; dur=163
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecdn.teacherspayteachers.com/thumbitem/Amazing-Affirmations-K-2-grades-083063000-1376529313/home-828457-1.jpg

23.38.200.36

200 OK

13 kB

URL HTTP/2
ecdn.teacherspayteachers.com/thumbitem/Amazing-Affirmations-K-2-grades-083063000-1376529313/home-828457-1.jpg
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 140x140, components 3\012- data
Size
13 kB (13191 bytes)
Hash
10deddc4b72b8a91775812ca74c9a06d
111642f9f1610ee38dcbe192e5fefbf7dce6d8f5
a6d241b7d2462d689ded87522c60adf16ce1ea7023ab45a8b1b7a6578127d03a

HTTP Headers

GET /thumbitem/Amazing-Affirmations-K-2-grades-083063000-1376529313/home-828457-1.jpg HTTP/1.1
Host: ecdn.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
etag: "10deddc4b72b8a91775812ca74c9a06d"
last-modified: Wed, 13 Apr 2016 08:14:58 GMT
server: nginx/1.23.1
x-amz-id-2: 9mvZTFBVul4ryW9LAKfPxYXQpagjPwYRHZl7JR+PYKeDNGwjzHxzSwThcBH7nd57PNuO+KDlcGo=
x-amz-request-id: 110QKSV25NAH5T41
x-amz-version-id: null
content-length: 13191
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=203
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ecdn.teacherspayteachers.com/thumbitem/Blend-Bling-Necklaces-Beginning-and-Ending-Blends/home-602953-1.jpg

23.38.200.36

200 OK

8.8 kB

URL HTTP/2
ecdn.teacherspayteachers.com/thumbitem/Blend-Bling-Necklaces-Beginning-and-Ending-Blends/home-602953-1.jpg
IP
23.38.200.36:0
ASN
#16625 AKAMAI-AS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 140x140, components 3\012- data
Size
8.8 kB (8823 bytes)
Hash
5af2812c2e01d71bc95d39fd41dd3287
10bfefd1829b02fa1f7a98916e97e7630f8965bc
26d4bb8e27470a7629a360f529ddb38f4588e82fa0422d3966eb20658673f51d

HTTP Headers

GET /thumbitem/Blend-Bling-Necklaces-Beginning-and-Ending-Blends/home-602953-1.jpg HTTP/1.1
Host: ecdn.teacherspayteachers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.teacherspayteachers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
etag: "5af2812c2e01d71bc95d39fd41dd3287"
last-modified: Tue, 12 Apr 2016 01:11:57 GMT
server: nginx/1.23.1
x-amz-id-2: U9+mFAJ69qSXSG8uQ3FcVHZb2l01cvIwfiGtJNstgO7j3pM5rpVJW+Rg0fo9hGMeTs4JvcDbZlw=
x-amz-request-id: 110WS86SVT842Q8Q
x-amz-version-id: null
content-length: 8823
date: Fri, 09 Dec 2022 18:41:46 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=379
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

157.240.221.35

200 OK

0 B

URL HTTP/2
www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false
IP
157.240.221.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages/All-That-Glitters-in-First-Grade/218452381634495?id=218452381634495&sk=likes&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=true&header=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://allthatglittersinfirstgrade.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: /BOBGQqnbfDrHwPKW7VIRBaN9Y1lkhOuogU53kuPxz4N+F/E3DVl6js/XPTjMOM2cyXDNI6ygQNrNuGwdiCixg==
date: Fri, 09 Dec 2022 18:41:44 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations