r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3522
Expires: Fri, 02 Dec 2022 08:54:22 GMT
Date: Fri, 02 Dec 2022 07:55:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 820
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:40 GMT
Last-Modified: Fri, 02 Dec 2022 07:42:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7155
Expires: Fri, 02 Dec 2022 09:54:55 GMT
Date: Fri, 02 Dec 2022 07:55:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 07:19:53 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2147
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1odk39HOqvx1qt5CS/sWzgmjtQAu/TDgKYtsZm8MGyqzVYi1PYw/wFWAbAyWd6wv+27rj/mqO4E=
x-amz-request-id: CTYFG9QRNZVTN63X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 07:46:01 GMT
age: 579
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:55:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 07:08:57 GMT
cache-control: public,max-age=3600
age: 2804
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
topvietravel.blogspot.kr/
172.217.21.161302 Moved Temporarily 179 B URL HTTP/1.1 topvietravel.blogspot.kr/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1277b5d5e9014791428cb503c29a4ea9
81482c8762f4d6a58ac0157415cf0bc2e45e9ba9
c16a531edf48b949de2844153e5972be0bb785c028be6c60c832a3543629b521
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: topvietravel.blogspot.kr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://topvietravel.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 02 Dec 2022 07:55:41 GMT
Expires: Fri, 02 Dec 2022 07:55:41 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 179
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=91481
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:41 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:20:22 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y7ItKu/C068KTBiU1l2eMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hf5ZU/0tYSkXMfQ4/h8KKT4MZ4c=
fonts.googleapis.com/css?family=Skranji
142.250.74.106200 OK 334 B URL HTTP/1.1 fonts.googleapis.com/css?family=Skranji
IP 142.250.74.106:0
Hash 76dc30cf3ccfb7560db7b1f775bb7122
50288c7fd5b17591d54d9e0b58c535354b081025
dc670765e574ba2c98b37b33f21d704f87af5523a53e2b5bceeaaa0767cf90da
GET /css?family=Skranji HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 07:55:41 GMT
Date: Fri, 02 Dec 2022 07:55:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Oswald
142.250.74.106200 OK 495 B URL HTTP/1.1 fonts.googleapis.com/css?family=Oswald
IP 142.250.74.106:0
Hash a4a32d3d207b2c021587e24e97d9a668
7eba49938cae3f0f1a7204f8ea5c1e24c21397df
2b5c3cdc80fd6a3c61185c1667e7a0fef0d1ce49066bafe2da8cdeba79301933
GET /css?family=Oswald HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 07:55:41 GMT
Date: Fri, 02 Dec 2022 07:55:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
topvietravel.blogspot.com/
172.217.21.161200 OK 18 kB URL HTTP/1.1 topvietravel.blogspot.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (590)
Hash ea1c24bf2664bb4a7dea17f12de92964
ac4f4f12b4ef315d49e620954af3fe8748d60c4e
d05f7a3914b75bd0d6118ff3970f3ba69f0e1e91f5a1aff26aea69a349ecfa29
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: topvietravel.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 02 Dec 2022 07:55:41 GMT
Date: Fri, 02 Dec 2022 07:55:41 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 05 Dec 2021 03:53:18 GMT
ETag: W/"51ea719c5e1ff0d63fb1ee4ddc0a102874a9bb7b274cc319ddd6a185d088201d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 18265
Server: GSE
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:01:43 GMT
expires: Wed, 29 Nov 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/css
age: 237238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 12:11:43 GMT
Expires: Wed, 29 Nov 2023 12:11:43 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 243838
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js
142.250.74.42200 OK 63 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (64562)
Hash 468446a7240461af44b59ebb2047c231
47b7c525dc91bece99df0c414960b9490b986ba8
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6
GET /ajax/libs/jqueryui/1.9.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 62563
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 13:46:19 GMT
Expires: Sat, 25 Nov 2023 13:46:19 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 583762
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
topvietravel.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 topvietravel.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: topvietravel.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 02 Dec 2022 07:55:41 GMT
Expires: Fri, 09 Dec 2022 07:55:41 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 01 Dec 2022 17:52:02 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 267132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-eOpgXkqE7cw/UEyqFjfr6dI/AAAAAAAAAQs/A2JlJ2fios0/s1600/G+-open-new.png
142.250.74.161200 OK 1.0 kB URL HTTP/1.1 3.bp.blogspot.com/-eOpgXkqE7cw/UEyqFjfr6dI/AAAAAAAAAQs/A2JlJ2fios0/s1600/G+-open-new.png
IP 142.250.74.161:0
File type PNG image data, 107 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash 8ff8f21f54d58159d7b403870b87f4f2
8e7800652e34d2b792571f512a5b556e61d13981
47e5cf61828ab1de61d749f41053c97228c64491b9713ae9e56a44e1869294f5
GET /-eOpgXkqE7cw/UEyqFjfr6dI/AAAAAAAAAQs/A2JlJ2fios0/s1600/G+-open-new.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="G+-open-new.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1034
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 04:44:43 GMT
Expires: Thu, 17 Nov 2022 09:09:02 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11459
ETag: "v10b"
Content-Type: image/png
1.bp.blogspot.com/-82LWv3XyPKQ/UEypI664imI/AAAAAAAAAQk/CBSAuHp_lqA/s1600/TW-open-new.png
142.250.74.161200 OK 864 B URL HTTP/1.1 1.bp.blogspot.com/-82LWv3XyPKQ/UEypI664imI/AAAAAAAAAQk/CBSAuHp_lqA/s1600/TW-open-new.png
IP 142.250.74.161:0
File type PNG image data, 107 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash 15fc9304307a8f4ffd4f43adc4186e87
fa26a3c76a4cbc25b5101ad5f6ca809a4d82432c
38152021f33e7b23131b48c46dc7e845c2318020c8709f4325d2a94d1f5441b0
GET /-82LWv3XyPKQ/UEypI664imI/AAAAAAAAAQk/CBSAuHp_lqA/s1600/TW-open-new.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="TW-open-new.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 864
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 04:44:43 GMT
Expires: Thu, 17 Nov 2022 08:25:11 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11459
ETag: "v109"
Content-Type: image/png
3.bp.blogspot.com/-N67uPytUphw/UEyoTwSDa9I/AAAAAAAAAQc/yQjj5R6pBuI/s1600/FB-open-new.png
142.250.74.161200 OK 762 B URL HTTP/1.1 3.bp.blogspot.com/-N67uPytUphw/UEyoTwSDa9I/AAAAAAAAAQc/yQjj5R6pBuI/s1600/FB-open-new.png
IP 142.250.74.161:0
File type PNG image data, 107 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash ec0d978293d7efbcf19909517d840b38
18f62d7112384944909dcc3baa42f5d8fbc6a34c
c4de4690947e9851dd25da31acfd3ad0daa820d552aa46472abe4a4d6ffc0f18
GET /-N67uPytUphw/UEyoTwSDa9I/AAAAAAAAAQc/yQjj5R6pBuI/s1600/FB-open-new.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="FB-open-new.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 762
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 04:44:43 GMT
Expires: Wed, 23 Nov 2022 04:09:30 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11459
ETag: "v107"
Content-Type: image/png
1.bp.blogspot.com/-N_4TWVUmXv4/UDdKJf5NwCI/AAAAAAAAIgY/AGrKXgwkrTo/s1600/tombolcari.gif
142.250.74.161200 OK 1.0 kB URL HTTP/1.1 1.bp.blogspot.com/-N_4TWVUmXv4/UDdKJf5NwCI/AAAAAAAAIgY/AGrKXgwkrTo/s1600/tombolcari.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 24 x 24\012- data
Hash 71af17b227e8c7efc40ac691fae1b23e
b6be40eb29f5a9679093e6acf731d47bb5ea115c
66bcff5d6fc552e9bd9359cced5338eb4300588e8d4806a782da47c240addaa0
GET /-N_4TWVUmXv4/UDdKJf5NwCI/AAAAAAAAIgY/AGrKXgwkrTo/s1600/tombolcari.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="tombolcari.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1016
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 06:53:36 GMT
Expires: Sat, 08 Oct 2022 02:38:54 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3726
ETag: "v28e4"
Content-Type: image/gif
fonts.gstatic.com/s/skranji/v13/OZpDg_dtriVFNerMUzykkw.woff2
216.58.207.227200 OK 68 kB URL HTTP/1.1 fonts.gstatic.com/s/skranji/v13/OZpDg_dtriVFNerMUzykkw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 67876, version 1.0\012- data
Hash 188eec1da0df88269ff14f833717dedc
422454a882f15243f5aa3cfbadd60ec94054ca3b
53ab0bcb3e905faa71f4fb28e790e825fa08cc0a74adedacea2250348cd05f9f
GET /s/skranji/v13/OZpDg_dtriVFNerMUzykkw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://topvietravel.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 67876
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 06:57:52 GMT
Expires: Thu, 30 Nov 2023 06:57:52 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:06:04 GMT
Content-Type: font/woff2
Age: 176270
4.bp.blogspot.com/-LAGOPpd8H_o/UUVvnuO4yEI/AAAAAAAAAfE/Q26j4shYyzE/s1600/readmore.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/-LAGOPpd8H_o/UUVvnuO4yEI/AAAAAAAAAfE/Q26j4shYyzE/s1600/readmore.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-LAGOPpd8H_o/UUVvnuO4yEI/AAAAAAAAAfE/Q26j4shYyzE/s1600/readmore.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
3.bp.blogspot.com/-MDAVOH3vOYU/UUa9UYMZCJI/AAAAAAAAAjA/YicU-mlZMrY/s1600/RSSjosspendek.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 3.bp.blogspot.com/-MDAVOH3vOYU/UUa9UYMZCJI/AAAAAAAAAjA/YicU-mlZMrY/s1600/RSSjosspendek.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-MDAVOH3vOYU/UUa9UYMZCJI/AAAAAAAAAjA/YicU-mlZMrY/s1600/RSSjosspendek.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
157.240.240.35301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
Content-Type: text/plain
Server: proxygen-bolt
Date: Fri, 02 Dec 2022 07:55:42 GMT
Connection: keep-alive
Content-Length: 0
4.bp.blogspot.com/-pHaCPnRRhpw/UEyeymZDBAI/AAAAAAAAAPo/sQgRynAxmLc/s1600/FB.png
142.250.74.161200 OK 423 B URL HTTP/1.1 4.bp.blogspot.com/-pHaCPnRRhpw/UEyeymZDBAI/AAAAAAAAAPo/sQgRynAxmLc/s1600/FB.png
IP 142.250.74.161:0
File type PNG image data, 43 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash 3d84e4ecd922176d8a975d52090cbfa6
79a6052296561a1a8ae581a9d4be531b9469e81e
29a29a336ac6b402fde5285de9dce7f211e0d2e3ea41802db45f4077721ce566
GET /-pHaCPnRRhpw/UEyeymZDBAI/AAAAAAAAAPo/sQgRynAxmLc/s1600/FB.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="FB.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 423
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 04:44:43 GMT
Expires: Fri, 25 Nov 2022 13:57:17 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11459
ETag: "vfa"
Content-Type: image/png
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/1.1 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://topvietravel.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 26 Nov 2022 22:29:19 GMT
Expires: Sun, 26 Nov 2023 22:29:19 GMT
Cache-Control: public, max-age=31536000
Age: 465983
Last-Modified: Mon, 18 Jul 2022 19:24:04 GMT
Content-Type: font/woff2
2.bp.blogspot.com/-l-SkUhZr5KU/TsZx8HbrJAI/AAAAAAAAAG0/L-g-4pdO1d4/s340-c/hoi+an1.jpg
142.250.74.161200 OK 62 kB URL HTTP/1.1 2.bp.blogspot.com/-l-SkUhZr5KU/TsZx8HbrJAI/AAAAAAAAAG0/L-g-4pdO1d4/s340-c/hoi+an1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 21543759286cfff4966303f0355cd2cf
136bd28956321caad539753e94592c260fa7ed73
03ab2fe4ccd9cee8eb264d0dc93da0a49cbb1490b0ce6e71fc8d9b89f9fabb15
GET /-l-SkUhZr5KU/TsZx8HbrJAI/AAAAAAAAAG0/L-g-4pdO1d4/s340-c/hoi+an1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6d"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="hoi an1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 61739
X-XSS-Protection: 0
2.bp.blogspot.com/-l-SkUhZr5KU/TsZx8HbrJAI/AAAAAAAAAG0/L-g-4pdO1d4/s72-c/hoi+an1.jpg
142.250.74.161200 OK 4.2 kB URL HTTP/1.1 2.bp.blogspot.com/-l-SkUhZr5KU/TsZx8HbrJAI/AAAAAAAAAG0/L-g-4pdO1d4/s72-c/hoi+an1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash de252ba79ffb8bfee2d3c42ba04c4f2d
52353965788038104ea174aa5b3ae27d52ea96f4
66326c750e4d269a189b63be50004d63166b36f3d77045297016670333f210f8
GET /-l-SkUhZr5KU/TsZx8HbrJAI/AAAAAAAAAG0/L-g-4pdO1d4/s72-c/hoi+an1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6d"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="hoi an1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 4197
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-cb-8UxmdvCY/UEye3s5ckoI/AAAAAAAAAQI/2UsOUiBl7OY/s1600/TW.png
142.250.74.161200 OK 653 B URL HTTP/1.1 2.bp.blogspot.com/-cb-8UxmdvCY/UEye3s5ckoI/AAAAAAAAAQI/2UsOUiBl7OY/s1600/TW.png
IP 142.250.74.161:0
File type PNG image data, 43 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash 65cceb0c9dc4c83db643b10a535d4270
c7bf8f22e83e57c22b80b5c869fd74e60a2dd0a9
1f248c99fdb16a49716c4370fadbdb82721168b6ec8bdeb8b9d7f559c367e638
GET /-cb-8UxmdvCY/UEye3s5ckoI/AAAAAAAAAQI/2UsOUiBl7OY/s1600/TW.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="TW.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 653
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 04:44:43 GMT
Expires: Fri, 25 Nov 2022 13:57:17 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11459
ETag: "v102"
Content-Type: image/png
4.bp.blogspot.com/-n10OWldhGFk/UUcImyQo2CI/AAAAAAAAAkg/yKCldFRFG7Y/s1600/footer-div.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 4.bp.blogspot.com/-n10OWldhGFk/UUcImyQo2CI/AAAAAAAAAkg/yKCldFRFG7Y/s1600/footer-div.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-n10OWldhGFk/UUcImyQo2CI/AAAAAAAAAkg/yKCldFRFG7Y/s1600/footer-div.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
2.bp.blogspot.com/-kX-wO_55wpo/UEye0R9pSdI/AAAAAAAAAP4/GYLd2emZvyc/s1600/G+.png
142.250.74.161200 OK 898 B URL HTTP/1.1 2.bp.blogspot.com/-kX-wO_55wpo/UEye0R9pSdI/AAAAAAAAAP4/GYLd2emZvyc/s1600/G+.png
IP 142.250.74.161:0
File type PNG image data, 43 x 43, 8-bit/color RGB, non-interlaced\012- data
Hash 223e069842b29335867705ca5b133a80
3b53aa8080caf5ac2e8ab6197a49c6199ec8bb66
b12e41dbcac6d9327376c725b26410358f58bb374652b2a9eb12a95827575b0a
GET /-kX-wO_55wpo/UEye0R9pSdI/AAAAAAAAAP4/GYLd2emZvyc/s1600/G+.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="G+.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 898
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 04:44:43 GMT
Expires: Tue, 22 Nov 2022 12:19:58 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11459
ETag: "vfe"
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:42 GMT
Last-Modified: Fri, 02 Dec 2022 06:33:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
lh4.googleusercontent.com/-3Z1qvJaBuAE/UEEKEt987PI/AAAAAAAACnY/i0cYpWewGMU/h120/icon-roll.png
172.217.21.161200 OK 2.4 kB URL HTTP/2 lh4.googleusercontent.com/-3Z1qvJaBuAE/UEEKEt987PI/AAAAAAAACnY/i0cYpWewGMU/h120/icon-roll.png
IP 172.217.21.161:0
File type PNG image data, 56 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash a51ffdd48545acf8a3d6a35c33bb60be
32ccfaf2999072bdd0a4e36d0b5f7402a9df56a6
df47801eaba9e5f90210c832bbde5293e847c995a3d581051aac327e258f24e0
GET /-3Z1qvJaBuAE/UEEKEt987PI/AAAAAAAACnY/i0cYpWewGMU/h120/icon-roll.png HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="icon-roll.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2360
x-xss-protection: 0
date: Fri, 02 Dec 2022 07:55:42 GMT
expires: Thu, 01 Dec 2022 06:57:58 GMT
cache-control: public, max-age=86400, no-transform
etag: "va76"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s03.flagcounter.com/mini/RHrm/bg_FFFFFF/txt_000000/border_CCCCCC/flags_0/
66.154.110.218200 OK 2.3 kB URL HTTP/1.1 s03.flagcounter.com/mini/RHrm/bg_FFFFFF/txt_000000/border_CCCCCC/flags_0/
IP 66.154.110.218:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 160 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash f2e7d81e5daa2dab4d1e148961d43d49
d408d726a1e77ebc9957af3693cde2b78d5e0e08
f1791d2279edce3cd4466202970968ff46916fa2fdad3fd75613776a150a3394
GET /mini/RHrm/bg_FFFFFF/txt_000000/border_CCCCCC/flags_0/ HTTP/1.1
Host: s03.flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:55:43 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
4.bp.blogspot.com/-yYleP5Jhc-s/TsXgRwJH6ZI/AAAAAAAAAGI/tHSFXdrC624/s72-c/Phongnhacave.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/1.1 4.bp.blogspot.com/-yYleP5Jhc-s/TsXgRwJH6ZI/AAAAAAAAAGI/tHSFXdrC624/s72-c/Phongnhacave.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f6f50aded55d8a9f50da9f4e0b8005e2
e0511bbf18b3f0cb4a3e35f21dd6e6d9d8ada1f4
f10a475b0c91ca6b6cc39ef70e1589667b46d1798f7a012039abd8bf59491e87
GET /-yYleP5Jhc-s/TsXgRwJH6ZI/AAAAAAAAAGI/tHSFXdrC624/s72-c/Phongnhacave.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v62"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Phongnhacave.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 4477
X-XSS-Protection: 0
1.bp.blogspot.com/-o50lVPK1s4Y/TtZBQpIy0qI/AAAAAAAAAHI/pR8-wCt0Gj8/s72-c/429px-My_Son.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 1.bp.blogspot.com/-o50lVPK1s4Y/TtZBQpIy0qI/AAAAAAAAAHI/pR8-wCt0Gj8/s72-c/429px-My_Son.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7a0efce1c4f9dcdd87611f4b8878a8dc
135c6d4ac2d99a56f0418f084725de4a93dfa7fa
391551765bc88d1c5c0b031f606d75cf0945995437fb008e2fdc14d2eecb42b6
GET /-o50lVPK1s4Y/TtZBQpIy0qI/AAAAAAAAAHI/pR8-wCt0Gj8/s72-c/429px-My_Son.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v72"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="429px-My_Son.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 3848
X-XSS-Protection: 0
4.bp.blogspot.com/-yYleP5Jhc-s/TsXgRwJH6ZI/AAAAAAAAAGI/tHSFXdrC624/s340-c/Phongnhacave.jpg
142.250.74.161200 OK 58 kB URL HTTP/1.1 4.bp.blogspot.com/-yYleP5Jhc-s/TsXgRwJH6ZI/AAAAAAAAAGI/tHSFXdrC624/s340-c/Phongnhacave.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 6bd69724ab4b0b66d2658a7c09cf5762
d28b23839727ffe2cb20d323ebd04d5b6398677c
37e021c820c6b3668a8448768b0b9fd4f0049508e35c7755bececd68f3cd3a9b
GET /-yYleP5Jhc-s/TsXgRwJH6ZI/AAAAAAAAAGI/tHSFXdrC624/s340-c/Phongnhacave.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v62"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Phongnhacave.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 58077
X-XSS-Protection: 0
2.bp.blogspot.com/-fq27eyeUh0M/TsW3LNwIDaI/AAAAAAAAAEA/UXbFAucZB1s/s72-c/800px-Thien_Cung.jpg
142.250.74.161200 OK 4.3 kB URL HTTP/1.1 2.bp.blogspot.com/-fq27eyeUh0M/TsW3LNwIDaI/AAAAAAAAAEA/UXbFAucZB1s/s72-c/800px-Thien_Cung.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 43c349efd0c5c16b08d8a4f83509c619
87182c3c3b38e22d81b7621c8d1f886890574e19
534b10acc5cc52ecd5b9316211df9e8bb93daf132a8f873cc133eb0154e05e91
GET /-fq27eyeUh0M/TsW3LNwIDaI/AAAAAAAAAEA/UXbFAucZB1s/s72-c/800px-Thien_Cung.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v40"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="800px-Thien_Cung.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 4269
X-XSS-Protection: 0
www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/like.php?href=https%3A%2F%2Fwww.facebook.com%2FNongDanViet.net&layout=standard&show_faces=true&width=80&action=like&colorscheme=light&height=30 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://topvietravel.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: +mxIwHNnSROO/uc/WKg955M6crpzDIpi6mPcIcd55js5Jz/8F3o6G07q81xpkZruwon5AGKSHC1eLbMJJ2s8mg==
content-length: 0
date: Fri, 02 Dec 2022 07:55:42 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
4.bp.blogspot.com/-HBOy9jbVMl4/TsZldaYwwrI/AAAAAAAAAGk/91stwd_4Q3E/s72-c/hue3.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 4.bp.blogspot.com/-HBOy9jbVMl4/TsZldaYwwrI/AAAAAAAAAGk/91stwd_4Q3E/s72-c/hue3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 383ad4a14cbf5c33e904be5d802c2684
e5e6ef32668a7cbc77aea073b91bb0213e12b5b1
303873e0c4465c4852c5dbe29bb3bcd98ba13992ac3d1eaf73fb7640cb7c146d
GET /-HBOy9jbVMl4/TsZldaYwwrI/AAAAAAAAAGk/91stwd_4Q3E/s72-c/hue3.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vfcc"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="hue3.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 3836
X-XSS-Protection: 0
1.bp.blogspot.com/-o50lVPK1s4Y/TtZBQpIy0qI/AAAAAAAAAHI/pR8-wCt0Gj8/s340-c/429px-My_Son.jpg
142.250.74.161200 OK 64 kB URL HTTP/1.1 1.bp.blogspot.com/-o50lVPK1s4Y/TtZBQpIy0qI/AAAAAAAAAHI/pR8-wCt0Gj8/s340-c/429px-My_Son.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 59aaa3d3ea4ce828e52bffc73a4826c7
4315b92dc3f16519c1a82139e8f7e25d49ffafb2
c828ad93880ae135a14501969e581fad40dd41fc7969a08ecea8a1bcd1374fc2
GET /-o50lVPK1s4Y/TtZBQpIy0qI/AAAAAAAAAHI/pR8-wCt0Gj8/s340-c/429px-My_Son.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v72"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="429px-My_Son.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 64380
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-VfsBM39sfa4/TuBXGjBBuwI/AAAAAAAAAKM/WCcBbLGiAek/s340-c/403px-Hanoi_Montage.jpg
142.250.74.161200 OK 56 kB URL HTTP/1.1 3.bp.blogspot.com/-VfsBM39sfa4/TuBXGjBBuwI/AAAAAAAAAKM/WCcBbLGiAek/s340-c/403px-Hanoi_Montage.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 195648beefadf7c012f729df06df1171
c4c8b25a77593739a57ba9de3890c8e0f9d2c9a9
45c6396ea4bec3909755e85d5e542cd7c231570f3fea34b44ae5b8c87ecf95d7
GET /-VfsBM39sfa4/TuBXGjBBuwI/AAAAAAAAAKM/WCcBbLGiAek/s340-c/403px-Hanoi_Montage.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vfcc"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="403px-Hanoi_Montage.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 56200
X-XSS-Protection: 0
2.bp.blogspot.com/-fq27eyeUh0M/TsW3LNwIDaI/AAAAAAAAAEA/UXbFAucZB1s/s340-c/800px-Thien_Cung.jpg
142.250.74.161200 OK 66 kB URL HTTP/1.1 2.bp.blogspot.com/-fq27eyeUh0M/TsW3LNwIDaI/AAAAAAAAAEA/UXbFAucZB1s/s340-c/800px-Thien_Cung.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 2b24ca1e2c5d8715f5c0aca09029d2c3
d8917674ccfaa82f46830569557a927cf5db0066
31cb413039dc511cf08a1c0975b7a7007a521497cbb1fd61dfb68fa1f4ec79d9
GET /-fq27eyeUh0M/TsW3LNwIDaI/AAAAAAAAAEA/UXbFAucZB1s/s340-c/800px-Thien_Cung.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v40"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="800px-Thien_Cung.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 65556
X-XSS-Protection: 0
2.bp.blogspot.com/-Kxw5JOQIKHc/TuHJa6r62PI/AAAAAAAAANA/o7dk6OpgbOU/s340-c/800px-Khanh_Hoa_Center_of_Political_and_Cultural_Events.JPG
142.250.74.161200 OK 38 kB URL HTTP/1.1 2.bp.blogspot.com/-Kxw5JOQIKHc/TuHJa6r62PI/AAAAAAAAANA/o7dk6OpgbOU/s340-c/800px-Khanh_Hoa_Center_of_Political_and_Cultural_Events.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 67a620e871e48d428ea85c828ee3c30f
91e1a06f0bb026fbe2f89bc6b31809e5da2586e7
48c7c7e2a709dde77d7070a0c9247643dddfdef529c4da55e1e6d6d506d48a55
GET /-Kxw5JOQIKHc/TuHJa6r62PI/AAAAAAAAANA/o7dk6OpgbOU/s340-c/800px-Khanh_Hoa_Center_of_Political_and_Cultural_Events.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vfcc"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="800px-Khanh_Hoa_Center_of_Political_and_Cultural_Events.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 38409
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:55:42 GMT
Last-Modified: Fri, 02 Dec 2022 06:33:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
2.bp.blogspot.com/-n5Ly-Lmg5Ws/TthvSpW3dcI/AAAAAAAAAI4/EuED01jWJHY/s340-c/600px-National_Museum_Vietnamese_History_62_%2528cropped%2529.jpg
142.250.74.161200 OK 26 kB URL HTTP/1.1 2.bp.blogspot.com/-n5Ly-Lmg5Ws/TthvSpW3dcI/AAAAAAAAAI4/EuED01jWJHY/s340-c/600px-National_Museum_Vietnamese_History_62_%2528cropped%2529.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash 59e0c1b4c05164e9480c024cedc22145
f24f5024f4c69d06b47dcc27326846d38ffdc06b
ee90e425e9f1d5d259bb336e7f8020098de43eef0f5570f4463fd48eb80bfff2
GET /-n5Ly-Lmg5Ws/TthvSpW3dcI/AAAAAAAAAI4/EuED01jWJHY/s340-c/600px-National_Museum_Vietnamese_History_62_%2528cropped%2529.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v8e"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="600px-National_Museum_Vietnamese_History_62_(cropped).jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 25729
X-XSS-Protection: 0
2.bp.blogspot.com/-vBqe4ZmtYSo/UT87W-IKz4I/AAAAAAAAAbU/EE8BXvUkjNY/s1600/sprite.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 2.bp.blogspot.com/-vBqe4ZmtYSo/UT87W-IKz4I/AAAAAAAAAbU/EE8BXvUkjNY/s1600/sprite.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-vBqe4ZmtYSo/UT87W-IKz4I/AAAAAAAAAbU/EE8BXvUkjNY/s1600/sprite.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
4.bp.blogspot.com/-HBOy9jbVMl4/TsZldaYwwrI/AAAAAAAAAGk/91stwd_4Q3E/s340-c/hue3.jpg
142.250.74.161200 OK 50 kB URL HTTP/1.1 4.bp.blogspot.com/-HBOy9jbVMl4/TsZldaYwwrI/AAAAAAAAAGk/91stwd_4Q3E/s340-c/hue3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 340x340, components 3\012- data
Hash d9886465b370b84b193da411e2f4d2c4
e1ffbafceeb14d9fafe6d0364c5f2bb5d297e8af
f02a303a134a68a0e1f2bc60d7dbbed8736c7873936964d75918278413e3006b
GET /-HBOy9jbVMl4/TsZldaYwwrI/AAAAAAAAAGk/91stwd_4Q3E/s340-c/hue3.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vfcc"
Expires: Sat, 03 Dec 2022 07:55:42 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="hue3.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 50463
X-XSS-Protection: 0
2.bp.blogspot.com/-A2gUy4WF8l8/UUa2igFbIZI/AAAAAAAAAiM/2ck6-Wot2yM/s1600/rss.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 2.bp.blogspot.com/-A2gUy4WF8l8/UUa2igFbIZI/AAAAAAAAAiM/2ck6-Wot2yM/s1600/rss.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-A2gUy4WF8l8/UUa2igFbIZI/AAAAAAAAAiM/2ck6-Wot2yM/s1600/rss.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 07:55:42 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
s03.flagcounter.com/count/MkHF/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_36/viewers_3/labels_1/pageviews_0/flags_1/
66.154.110.218200 OK 23 kB URL HTTP/1.1 s03.flagcounter.com/count/MkHF/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_36/viewers_3/labels_1/pageviews_0/flags_1/
IP 66.154.110.218:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 275 x 212, 8-bit/color RGB, non-interlaced\012- data
Hash b9e4916e64744080186ba977d783f770
67aa24dd6500d1f703d724595b10f89253342c2d
c1707b1097c77ef4c760654a939184767e65bede65544cc88070ec4d759b9994
GET /count/MkHF/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_36/viewers_3/labels_1/pageviews_0/flags_1/ HTTP/1.1
Host: s03.flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 07:55:43 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
topvietravel.blogspot.com/favicon.ico
172.217.21.161200 OK 846 B URL HTTP/1.1 topvietravel.blogspot.com/favicon.ico
IP 172.217.21.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3621343553f9d13d800667ba34528934
ec8dc0a5868a40b0c5f2b7d977fb15928ec004a5
fffb727652ae3bda228db14db3b7eab5fa55e58a70bcc38c6cbd779bd7d17fcf
GET /favicon.ico HTTP/1.1
Host: topvietravel.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://topvietravel.blogspot.com/
Cookie: faceLike=liked
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 02 Dec 2022 07:55:42 GMT
Date: Fri, 02 Dec 2022 07:55:42 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 05 Dec 2021 03:53:18 GMT
ETag: W/"51ea719c5e1ff0d63fb1ee4ddc0a102874a9bb7b274cc319ddd6a185d088201d"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 846
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4272
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:55:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4272
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:55:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4272
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:55:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4272
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:55:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4272
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:55:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d147ccb10bda82b153a596c3c967cd6a
ffd0763f997e71a8c1458523fc17cafe8849dfdf
1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7591
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGgMFRZIAMFl7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 36411
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 36411
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 36008
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 66826
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 36346
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 6894
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2