assistirfutebolaovivo2013.blogspot.ru/search/label/Balotelli
142.250.74.161302 Moved Temporarily 204 B URL HTTP/1.1 assistirfutebolaovivo2013.blogspot.ru/search/label/Balotelli
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5c174260abc9391d0960888e2134d02c
2c45fca7820e90e98aa9fb1de8eb6ecd6f44c306
9f64b5022bc21bb1c91dd5109e110f40e73a5c78e40f2bb358473fa25f21af3a
Analyzer Verdict Alert fortinet Malware
GET /search/label/Balotelli HTTP/1.1
Host: assistirfutebolaovivo2013.blogspot.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 24 Nov 2022 14:20:28 GMT
Expires: Thu, 24 Nov 2022 14:20:28 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 204
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Thu, 24 Nov 2022 15:35:52 GMT
Date: Thu, 24 Nov 2022 14:20:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4969
Cache-Control: max-age=164012
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:28 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:54:00 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 14:17:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 190
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13082
Expires: Thu, 24 Nov 2022 17:58:30 GMT
Date: Thu, 24 Nov 2022 14:20:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IYoWZZTOUChqsU59mqKI9YNC3Jl+AU1opjbUJW26beTc1pk5RYwkAjlLXQ7w+Ndm8Wy3WWiiIyk=
x-amz-request-id: MSCJ1W6TR2V9M481
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 13:43:25 GMT
age: 2224
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 14:20:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
142.250.74.161200 OK 22 kB URL HTTP/1.1 assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (403)
Hash ca9fceeb5be31ede7e71996db6e098bf
60a547532d7c890ab9ff5da6e07a7f4fd17a90f3
a5e60e6692c558b9c32ce17e3590f14f4030d41bbf668068328ec31c948882e7
Analyzer Verdict Alert fortinet Malware
GET /search/label/Balotelli HTTP/1.1
Host: assistirfutebolaovivo2013.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 24 Nov 2022 14:20:29 GMT
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 21 Jun 2022 03:49:56 GMT
ETag: W/"a0e465993a121f7d761bf2c9d960f31090b6f41a28b2d88f0fc75ece2e5c411b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 22472
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 14:08:53 GMT
cache-control: public,max-age=3600
age: 696
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4743
Cache-Control: max-age=158723
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:25:52 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
assistirfutebolaovivo2013.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 assistirfutebolaovivo2013.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: assistirfutebolaovivo2013.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 07:08:10 GMT
Expires: Thu, 01 Dec 2022 07:08:10 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 24 Nov 2022 00:53:02 GMT
Content-Type: text/javascript
Age: 25939
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.130200 OK 36 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (3577)
Hash 674e02a2f1c3edc0d070488f93a85565
b1f1c329f5247eb0ca284063433584bcac69c1dd
2170958a12cc51757ef7d7b8f9c4e1e944fe207708f9addbb5440f560c337aac
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 24 Nov 2022 14:20:29 GMT
Expires: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 6024185836991782708
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 36278
X-XSS-Protection: 0
code.jquery.com/jquery-latest.js
69.16.175.10200 OK 84 kB URL HTTP/1.1 code.jquery.com/jquery-latest.js
IP 69.16.175.10:0
Hash ea735805900bbd9b4dc4f93e4348b8d8
2e2d5c3270d6a6a0e4aab05f3a3f4ea8f8f7c07c
962d003a78697a2a9508f3da6cc6a65259f3fb9b59d6eaa1486f7034830494b2
GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:20:29 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 83875
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-4508e"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1669299629.dop017.sk1.t,1669299629.cds212.sk1.c
cdn.adf.ly/js/link-converter.js
104.20.67.244200 OK 11 kB URL HTTP/1.1 cdn.adf.ly/js/link-converter.js
IP 104.20.67.244:0
File type ASCII text, with very long lines (24590)
Hash a9d75b7bd46c34771667449479f06d0d
bf539dc98ca8fed1ef064557305d9a26d8f5442f
b84cfa9a1114f418b7600e993e8c9d99a1ccf40e2efccd0484a365e43129d4f0
GET /js/link-converter.js HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 14:20:29 GMT
Content-Type: application/x-javascript
Content-Length: 11182
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 14:02:19 GMT
last-modified: Tue, 15 Nov 2022 00:59:02 GMT
etag: "7b7a-6372e456-bb6751cf487a3302;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1090
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 76f2c91d8bfcb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 253106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha111FMMDIIGPy0YVBsabCVC4YqxMsK1tRFlC0BgMJT9gcp1hdVydK6qeBo50vaNYH4GtaQlA7eZxMxA4gAsee0rMR563i6JGfbizBPJ7oHjVM3R1t24N-hSLR8dZPWLOV3MvxRxDRD-7_I35ZyfOiombHB1mTaxnJ-jvA1UVO74DG5Tbh8p7qiI3X4v_NU=w72-h72-p-k-no-nu
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha111FMMDIIGPy0YVBsabCVC4YqxMsK1tRFlC0BgMJT9gcp1hdVydK6qeBo50vaNYH4GtaQlA7eZxMxA4gAsee0rMR563i6JGfbizBPJ7oHjVM3R1t24N-hSLR8dZPWLOV3MvxRxDRD-7_I35ZyfOiombHB1mTaxnJ-jvA1UVO74DG5Tbh8p7qiI3X4v_NU=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash e4a2d63b542ba409b0edd1251e777a05
dbeb85f26397df9bf073a2ff8ee96b80e4aa0269
7514f4433cb0c5a25d62b6607311fa24950dda1f8dcd0c17feee0929014aeef2
GET /blogger_img_proxy/ANbyha111FMMDIIGPy0YVBsabCVC4YqxMsK1tRFlC0BgMJT9gcp1hdVydK6qeBo50vaNYH4GtaQlA7eZxMxA4gAsee0rMR563i6JGfbizBPJ7oHjVM3R1t24N-hSLR8dZPWLOV3MvxRxDRD-7_I35ZyfOiombHB1mTaxnJ-jvA1UVO74DG5Tbh8p7qiI3X4v_NU=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 25 Nov 2022 14:20:29 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 14:20:29 GMT
server: fife
content-length: 4208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 150471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0cDNHyHFAIbEWEH0BbSnD8qCIvoLzAlhLCGrpM4MYPBkKfffrMAQ37WNGMkLO01bNc98B_olR51NA2rZLgdPvd0oZQu_jP9isgLiULNhugmKQgHQ=w72-h72-n-k-no-nu
142.250.74.33200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0cDNHyHFAIbEWEH0BbSnD8qCIvoLzAlhLCGrpM4MYPBkKfffrMAQ37WNGMkLO01bNc98B_olR51NA2rZLgdPvd0oZQu_jP9isgLiULNhugmKQgHQ=w72-h72-n-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 675d55955646d0ecd2988b08f822cb66
f497185d1b3f762c27b5e7a9a866181f038df5b1
3a90397a1a760ac997f1d243e993ca08d8b7490efb89e9ca6dfc63319e45e676
GET /blogger_img_proxy/ANbyha0cDNHyHFAIbEWEH0BbSnD8qCIvoLzAlhLCGrpM4MYPBkKfffrMAQ37WNGMkLO01bNc98B_olR51NA2rZLgdPvd0oZQu_jP9isgLiULNhugmKQgHQ=w72-h72-n-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 25 Nov 2022 14:20:29 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 14:20:29 GMT
server: fife
content-length: 3978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_lxBSX0YJV58/TOspUPhU_EI/AAAAAAAAA3g/79SGnnRsAk4/s1600/category.gif
142.250.74.161200 OK 239 B URL HTTP/1.1 2.bp.blogspot.com/_lxBSX0YJV58/TOspUPhU_EI/AAAAAAAAA3g/79SGnnRsAk4/s1600/category.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash a3ef8d88a2ac8fa1b304e7f132c3f76f
a72274e38fa5ab7db1784ac4f52b1822b33376f8
620ad7a10816218d83811fc0b56b3f1c919e42a28929ccab37769a41af374280
GET /_lxBSX0YJV58/TOspUPhU_EI/AAAAAAAAA3g/79SGnnRsAk4/s1600/category.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="category.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 239
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 14:20:29 GMT
Expires: Thu, 24 Nov 2022 02:23:33 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vb1f"
Content-Type: image/gif
Age: 0
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0dcfeoA4lZ1K7BKob-ZkutpOMdbQGn--CEAQnkvKIgfxT0vAB9TJzRieM5ldKCYawIXuJXbNLfcAAkZ3XJFHowkaztKdOPvhNFj8AtR2c=w72-h72-p-k-no-nu
142.250.74.33200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0dcfeoA4lZ1K7BKob-ZkutpOMdbQGn--CEAQnkvKIgfxT0vAB9TJzRieM5ldKCYawIXuJXbNLfcAAkZ3XJFHowkaztKdOPvhNFj8AtR2c=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash c16563b022d613538015e1f6958d835e
21e0e06af62c12b8667dfeee4b014743c5080980
0418ce065b21a27f436c0e15049d81f6ab4cf37a0665ae689c8e71c16f83a402
GET /blogger_img_proxy/ANbyha0dcfeoA4lZ1K7BKob-ZkutpOMdbQGn--CEAQnkvKIgfxT0vAB9TJzRieM5ldKCYawIXuJXbNLfcAAkZ3XJFHowkaztKdOPvhNFj8AtR2c=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 25 Nov 2022 14:20:29 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 14:20:29 GMT
server: fife
content-length: 2115
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-KckLdKaykLU/Uf26i3msN5I/AAAAAAAAQmg/Lp9zUbp2rms/w72-h72-p-k-no-nu/PRIPLES.jpg
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 4.bp.blogspot.com/-KckLdKaykLU/Uf26i3msN5I/AAAAAAAAQmg/Lp9zUbp2rms/w72-h72-p-k-no-nu/PRIPLES.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 35f99bb42021032d4877b7948d989764
1c5ce33e4db65a713de0849f99f3e4c82395cab3
6db1043291dd6f6e7bd22fcfc5870ced198cefbb6994102c2ea9e5a461b65749
GET /-KckLdKaykLU/Uf26i3msN5I/AAAAAAAAQmg/Lp9zUbp2rms/w72-h72-p-k-no-nu/PRIPLES.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="PRIPLES.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3043
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 14:20:29 GMT
Expires: Fri, 25 Nov 2022 07:08:11 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4269"
Content-Type: image/jpeg
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-89OFYemfjgM/TxFqSDzGsnI/AAAAAAAAFrA/xWmMH-FKt5c/s0/body-bg.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 2.bp.blogspot.com/-89OFYemfjgM/TxFqSDzGsnI/AAAAAAAAFrA/xWmMH-FKt5c/s0/body-bg.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 89x95, components 3\012- data
Hash 2e0117f56a903e120aaeba66d8d3620f
29a2a9902738fed53626aa842b0be3aee6d6189b
a8778a27a882b7264267dcc52abcb114d218ad906c2f7273d91bb9d67a2818e1
GET /-89OFYemfjgM/TxFqSDzGsnI/AAAAAAAAFrA/xWmMH-FKt5c/s0/body-bg.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="body-bg.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2221
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 14:20:29 GMT
Expires: Fri, 25 Nov 2022 07:08:11 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v16b0"
Content-Type: image/jpeg
Age: 0
push.services.mozilla.com/
54.188.211.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.211.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7oDs62y5lZTzATOARsHBTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9QztAfEhjMaBqGq47mWGyZg5Ij8=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5987733018377260&plah=assistirfutebolaovivo2013.blogspot.com
142.250.74.130200 OK 472 B URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5987733018377260&plah=assistirfutebolaovivo2013.blogspot.com
IP 142.250.74.130:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
GET /pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5987733018377260&plah=assistirfutebolaovivo2013.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Nov 2022 14:20:29 GMT
expires: Thu, 24 Nov 2022 14:20:29 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 2823498187712875817
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Xhzm1cN-SoxL-LLbAWq8ui0UW3aXjtpCsJWutzyQzhpign93rLyu-Id5OzGGQfEA8Q-fDG7BqoCx5jtyeKOO96oy3Yn6PMKHeq3vrr8zIR3bO7FDzaTIIfUrv8-Vh_mnHNJt7Iy01q2GFKMTDDFm7WsCM-VgI_Am-BTnEaH443w=w72-h72-p-k-no-nu
142.250.74.33404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0Xhzm1cN-SoxL-LLbAWq8ui0UW3aXjtpCsJWutzyQzhpign93rLyu-Id5OzGGQfEA8Q-fDG7BqoCx5jtyeKOO96oy3Yn6PMKHeq3vrr8zIR3bO7FDzaTIIfUrv8-Vh_mnHNJt7Iy01q2GFKMTDDFm7WsCM-VgI_Am-BTnEaH443w=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 81188a6e333a4827b5eded6b94b241e4
25e2f29b32ed9df91632c1f430d2ebeae1c19af6
0a29da46da20159cbecaffbaec6009c4424b1410e3d56a5ecdfb42adf0714115
GET /blogger_img_proxy/ANbyha0Xhzm1cN-SoxL-LLbAWq8ui0UW3aXjtpCsJWutzyQzhpign93rLyu-Id5OzGGQfEA8Q-fDG7BqoCx5jtyeKOO96oy3Yn6PMKHeq3vrr8zIR3bO7FDzaTIIfUrv8-Vh_mnHNJt7Iy01q2GFKMTDDFm7WsCM-VgI_Am-BTnEaH443w=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Nov 2022 14:20:30 GMT
server: fife
content-length: 1775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b.dihitt.com/banners/dihitt_76x16_01.jpg
185.20.12.63400 Bad Request 150 B URL HTTP/1.1 b.dihitt.com/banners/dihitt_76x16_01.jpg
IP 185.20.12.63:0
ASN #44136 ODERLAND Webbhotell AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7f077f1fce3d566040b0d69eb1f27d8f
28d9c5f6b214c5cdbe7f7e55d6ed5e82080dea01
487ad0d2cf075f4328a1adf57ef428759ad4e2c873a8ebd2ad9653990829c9cf
GET /banners/dihitt_76x16_01.jpg HTTP/1.1
Host: b.dihitt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 24 Nov 2022 14:20:30 GMT
Content-Type: text/html
Content-Length: 150
Connection: close
X-Edge-IP: 185.20.12.63
X-Edge-Location: Kungalv, SE
4.bp.blogspot.com/_lxBSX0YJV58/TOspUDPaIuI/AAAAAAAAA3Y/HWYY0RgmxrE/s1600/bullet.gif
142.250.74.161200 OK 58 B URL HTTP/1.1 4.bp.blogspot.com/_lxBSX0YJV58/TOspUDPaIuI/AAAAAAAAA3Y/HWYY0RgmxrE/s1600/bullet.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 1eb0141092d64f160942df6315bdeb4a
c30bd8a94ac5a691ab3b3165058cd608c310207a
a8685bba41d149ad796f19eb7ad1c3e09d1a0efead16b875e720090684555209
GET /_lxBSX0YJV58/TOspUDPaIuI/AAAAAAAAA3Y/HWYY0RgmxrE/s1600/bullet.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bullet.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 58
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 14:20:30 GMT
Expires: Fri, 25 Nov 2022 07:08:11 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vbb5"
Content-Type: image/gif
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05681a05de8df6e408ae41032401b73f
f4824b4863e26866b10cd45a8cb422c339997035
97ab2238b53d233622081c75f7c60621eea9ae85c19c7ae958cfdbd685f39ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=assistirfutebolaovivo2013.blogspot.com&callback=_gfp_s_&client=ca-pub-5987733018377260&gpid_exp=1
172.217.21.162200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=assistirfutebolaovivo2013.blogspot.com&callback=_gfp_s_&client=ca-pub-5987733018377260&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 78b129aa12ecc98e8e4b9aa248699580
ab8655d3137319d75e69f33431a89f41033710de
21f019388ce17c86b0956fcc2d98230cb8f3d4b299c1aa17479126408e894c16
GET /gampad/cookie.js?domain=assistirfutebolaovivo2013.blogspot.com&callback=_gfp_s_&client=ca-pub-5987733018377260&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=assistirfutebolaovivo2013.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=assistirfutebolaovivo2013.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=assistirfutebolaovivo2013.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=assistirfutebolaovivo2013.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=assistirfutebolaovivo2013.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=assistirfutebolaovivo2013.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05681a05de8df6e408ae41032401b73f
f4824b4863e26866b10cd45a8cb422c339997035
97ab2238b53d233622081c75f7c60621eea9ae85c19c7ae958cfdbd685f39ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=1778352064&adf=4234571507&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=8&bdt=641&idt=111&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659%2C9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=1123&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gi53RWDcDu&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=266
142.250.74.34400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=1778352064&adf=4234571507&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=8&bdt=641&idt=111&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659%2C9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=1123&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gi53RWDcDu&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=266
IP 142.250.74.34:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=1778352064&adf=4234571507&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=8&bdt=641&idt=111&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659%2C9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=1123&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coebr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=gi53RWDcDu&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=266 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 14:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assistirfutebolaovivo2013.blogspot.com/search/label/facio.min.js
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 assistirfutebolaovivo2013.blogspot.com/search/label/facio.min.js
IP 142.250.74.161:0
Hash 8276ec6deef4728574d2d4516df0c165
5d902403bd94467f761cc26f2ddb1855248753f1
e360106489ea39ae904483d81bea4283d8c506cfb1afb6f0c0d90a31094a75c8
Analyzer Verdict Alert fortinet Malware
GET /search/label/facio.min.js HTTP/1.1
Host: assistirfutebolaovivo2013.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
Cookie: kmr9eE1=update
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 24 Nov 2022 14:20:30 GMT
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 21 Jun 2022 03:49:56 GMT
ETag: W/"a0e465993a121f7d761bf2c9d960f31090b6f41a28b2d88f0fc75ece2e5c411b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 21781
Server: GSE
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=1618460301&adf=4163729223&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=15&bdt=642&idt=117&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659%2C9295389451%2C1772122659&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=854&ady=165&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=uG12eR3Cc6&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=274
142.250.74.34400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=1618460301&adf=4163729223&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=15&bdt=642&idt=117&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659%2C9295389451%2C1772122659&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=854&ady=165&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=uG12eR3Cc6&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=274
IP 142.250.74.34:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=1618460301&adf=4163729223&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=15&bdt=642&idt=117&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659%2C9295389451%2C1772122659&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=854&ady=165&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=6&uci=a!6&fsb=1&xpc=uG12eR3Cc6&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=274 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 14:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=3545877634&adf=652395693&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=6&bdt=641&idt=108&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=739&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3Iw6I7fri5&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=251
142.250.74.34400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=3545877634&adf=652395693&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=6&bdt=641&idt=108&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=739&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3Iw6I7fri5&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=251
IP 142.250.74.34:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-5987733018377260&output=html&h=90&slotname=1772122659&adk=3545877634&adf=652395693&pi=t.ma~as.1772122659&w=200&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=6&bdt=641&idt=108&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=739&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3Iw6I7fri5&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=251 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 14:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=280&slotname=9295389451&adk=3580676456&adf=3058408138&pi=t.ma~as.9295389451&w=336&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=5&bdt=640&idt=109&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=836&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kUwAuyJlnt&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=260
142.250.74.34400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=280&slotname=9295389451&adk=3580676456&adf=3058408138&pi=t.ma~as.9295389451&w=336&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=5&bdt=640&idt=109&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=836&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kUwAuyJlnt&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=260
IP 142.250.74.34:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-5987733018377260&output=html&h=280&slotname=9295389451&adk=3580676456&adf=3058408138&pi=t.ma~as.9295389451&w=336&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=5&bdt=640&idt=109&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451%2C9295389451%2C1772122659&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=836&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=kUwAuyJlnt&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=260 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 14:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=280&slotname=9295389451&adk=806789728&adf=443438000&pi=t.ma~as.9295389451&w=336&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=7&bdt=642&idt=104&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=452&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=gV8LVK6bpB&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=246
142.250.74.34400 Bad Request 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5987733018377260&output=html&h=280&slotname=9295389451&adk=806789728&adf=443438000&pi=t.ma~as.9295389451&w=336&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=7&bdt=642&idt=104&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=452&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=gV8LVK6bpB&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=246
IP 142.250.74.34:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-5987733018377260&output=html&h=280&slotname=9295389451&adk=806789728&adf=443438000&pi=t.ma~as.9295389451&w=336&lmt=1655783396&url=http%3A%2F%2Fassistirfutebolaovivo2013.blogspot.com%2Fsearch%2Flabel%2FBalotelli&host=pub-1556223355139109&wgl=1&dt=1669299629822&bpp=7&bdt=642&idt=104&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9295389451&correlator=2819401181817&frm=20&pv=1&ga_vid=1500424704.1669299630&ga_sid=1669299630&ga_hid=1991526620&ga_fc=0&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=144&ady=452&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44776360%2C31070763%2C31070993&oid=2&pvsid=2008256342434659&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Coe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=gV8LVK6bpB&p=http%3A//assistirfutebolaovivo2013.blogspot.com&dtd=246 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 14:35:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14818), with no line terminators
Hash 8c48f3a44892f78c1fa13120774ee2e8
425dff547d7a865e79916b7164b36bb39bc8e7a6
7ac385f57b59ae79729b089214bc3be38aaa8df2e3a5996a19e93aa256900e18
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://assistirfutebolaovivo2013.blogspot.com
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 24 Nov 2022 14:20:30 GMT
server: cafe
content-length: 11179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assistirfutebolaovivo2013.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 assistirfutebolaovivo2013.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: assistirfutebolaovivo2013.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Thu, 24 Nov 2022 14:20:30 GMT
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 21 Jun 2022 03:49:56 GMT
ETag: W/"a0e465993a121f7d761bf2c9d960f31090b6f41a28b2d88f0fc75ece2e5c411b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fdd426230fc6d944211201eb8bb9aa8c
9e45a44aa7f38231001fd10e25def211714bdf3a
3fb27cd549f11bd7bfd961cf3c5a4fa7e5f4b39565a65ce45846f423e5bcf4cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 14:20:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 9334265c260600ba603d57ac14575ac9
323ee0af2f9cfdce3756f5c0a231509c742bf7cd
f8eb76030e3bc34534f8e42e8aa954e0e0bbc3fa0c7015f43a143aa2d860ba41
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 24 Nov 2022 14:20:30 GMT
date: Thu, 24 Nov 2022 14:20:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-M7ToNjWuCMvchp89PQDsVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16382
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 14:20:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16382
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 14:20:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 59559
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
assistirfutebolaovivo2013.blogspot.com/search/label/facio.min.js
142.250.74.161200 OK 9.2 kB URL HTTP/1.1 assistirfutebolaovivo2013.blogspot.com/search/label/facio.min.js
IP 142.250.74.161:0
Hash 57f4b67d783e9d06649a2dfbc9e0d227
f97dea23581d853e6a8688e05a95ba8eb960209e
91296f42dd8ada53a59d52a313ed18ae81bdda9bdf154274e403d713ecbbb479
Analyzer Verdict Alert fortinet Malware
GET /search/label/facio.min.js HTTP/1.1
Host: assistirfutebolaovivo2013.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assistirfutebolaovivo2013.blogspot.com/search/label/Balotelli
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 24 Nov 2022 14:20:29 GMT
Date: Thu, 24 Nov 2022 14:20:29 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 21 Jun 2022 03:49:56 GMT
ETag: W/"a0e465993a121f7d761bf2c9d960f31090b6f41a28b2d88f0fc75ece2e5c411b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 21781
Server: GSE
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 58335
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:10:24 GMT
age: 25807
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 58873
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 33363
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2