r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8864
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 09:54:48 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3720
Cache-Control: max-age=92305
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:33:13 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
bubanana.blogspot.com/
200 OK 16 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4184)
Hash b69ba5ec445dd62e3be2d5aac93fbecf
74f967a31331e0b340440c3a4f825f963677d9a6
bd01901ed3b13dbd64401a09c863e5162be5933a82a4e623bc2bfb24b98511dd
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: bubanana.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Mon, 28 Nov 2022 09:54:48 GMT
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 02:58:12 GMT
ETag: W/"25f8928e148125ca8b6406e4e1ce6b9d299a92aee2c4b9af3b8151b2474a665a"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16439
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7641
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 09:54:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 09:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2116
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eMM4MegFox72mVKiDOs2vgTGxsm/7Gi2QlchMQdZYQY06/i2oEM3mkibkEn7hxXXdN12mbDn2c4=
x-amz-request-id: WTWSCXZMWC80D23T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 09:42:00 GMT
age: 768
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:54:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
301 Moved Permanently 0 B URL HTTP/1.1 dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /u/93265919/efeitoimagens/data-post.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 301 Moved Permanently
location: https://dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
date: Mon, 28 Nov 2022 09:54:48 GMT
server: envoy
x-dropbox-request-id: 6e5aa8f1d1904b21b9487481266233f2
content-length: 0
dl.dropbox.com/u/93265919/efeitoimagens/blogger.js
301 Moved Permanently 0 B URL HTTP/1.1 dl.dropbox.com/u/93265919/efeitoimagens/blogger.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /u/93265919/efeitoimagens/blogger.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 301 Moved Permanently
location: https://dl.dropbox.com/u/93265919/efeitoimagens/blogger.js
date: Mon, 28 Nov 2022 09:54:48 GMT
server: envoy
x-dropbox-request-id: a66fea36f59946d58268e50ba4714ca5
content-length: 0
dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
301 Moved Permanently 0 B URL HTTP/1.1 dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 301 Moved Permanently
location: https://dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
date: Mon, 28 Nov 2022 09:54:48 GMT
server: envoy
x-dropbox-request-id: cece9ef9f41c42e28489db7db1bf68e1
content-length: 0
fonts.googleapis.com/css?family=Yanone+Kaffeesatz
200 OK 470 B URL HTTP/1.1 fonts.googleapis.com/css?family=Yanone+Kaffeesatz
IP
Hash e6a1aa6d858f5b8232cdf389bc61f103
1ce0002235a21a1037d74aa2d519ea4fa4269281
981c42d7694bcaeb7702b53ad6a0eb3d85f86937a2c053b93776c25a6a5479e0
GET /css?family=Yanone+Kaffeesatz HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 28 Nov 2022 09:54:48 GMT
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
code.jquery.com/jquery-1.6.2.min.js
200 OK 32 kB URL HTTP/1.1 code.jquery.com/jquery-1.6.2.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Hash 86ae1ea4da012caf06dbcfa9e32001ea
4f6fce62c94fc50d0529a09d5f84a277c64fa0a1
60c3705049a05d3543b2ecf5ccd9516d338322b38f2a9b006eda24189db1afc3
GET /jquery-1.6.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:54:48 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32049
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"611feac9-165a4"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1669629288.dop014.sk1.t,1669629288.cds026.sk1.c
s7.addthis.com/js/250/addthis_widget.js
308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/250/addthis_widget.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/250/addthis_widget.js
Date: Mon, 28 Nov 2022 09:54:48 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
s7.addthis.com/js/300/addthis_widget.js
308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Mon, 28 Nov 2022 09:54:48 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9f2751b862f1815bef2869dc411f6021
cf001bd30b74c30190683c05ac81c97e5ccd9c3e
464e9f5b8f9e6a87b46b2cde3f4b554ff3641732f1506c2f2a6edf40dd972d6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 480130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 28 Nov 2022 09:54:48 GMT
expires: Mon, 28 Nov 2022 09:54:48 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/charts/loader.js
200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:48:50 GMT
expires: Mon, 28 Nov 2022 10:48:50 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 582765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116325
date: Mon, 28 Nov 2022 09:54:48 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ff39bf9cb1ee0acefbf92f30558b964e
c32205c9f36e60a59d6268179e5e009f5fc18d02
fdd8430b73bc19518cd77ab42321fb37231c22fc0e0ba19bf8ab6375acba753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1750
Cache-Control: max-age=131348
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Etag: "6383dca6-1d7"
Expires: Tue, 29 Nov 2022 22:23:56 GMT
Last-Modified: Sun, 27 Nov 2022 21:54:46 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ff39bf9cb1ee0acefbf92f30558b964e
c32205c9f36e60a59d6268179e5e009f5fc18d02
fdd8430b73bc19518cd77ab42321fb37231c22fc0e0ba19bf8ab6375acba753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1750
Cache-Control: max-age=131348
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Etag: "6383dca6-1d7"
Expires: Tue, 29 Nov 2022 22:23:56 GMT
Last-Modified: Sun, 27 Nov 2022 21:54:46 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash ff39bf9cb1ee0acefbf92f30558b964e
c32205c9f36e60a59d6268179e5e009f5fc18d02
fdd8430b73bc19518cd77ab42321fb37231c22fc0e0ba19bf8ab6375acba753e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4769
Cache-Control: max-age=134367
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Etag: "6383dca6-1d7"
Expires: Tue, 29 Nov 2022 23:14:15 GMT
Last-Modified: Sun, 27 Nov 2022 21:54:46 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/250/addthis_widget.js
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116410 bytes)
Hash 74dba9308521914ee079a9c7e94bd50c
ed75e10699323f451dc1c7b48df2a318f7610f7d
9199b01cb24cd038473f4613b1aa1049f54c1600e0705760429052a6f69c8bce
GET /js/250/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116410
date: Mon, 28 Nov 2022 09:54:48 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.centralblogs.com.br/estrutura/bannerp.png
301 Moved Permanently 162 B URL HTTP/1.1 www.centralblogs.com.br/estrutura/bannerp.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /estrutura/bannerp.png HTTP/1.1
Host: www.centralblogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 09:54:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://centralblogs.com.br/estrutura/bannerp.png
X-ac: 3.arn BYPASS
3.bp.blogspot.com/-mbkeJGAJLyY/UE0oq5l-t5I/AAAAAAAAAVw/JcJ95uMRoqM/s1600/facebook_compartilhar.jpg
200 OK 2.8 kB URL HTTP/1.1 3.bp.blogspot.com/-mbkeJGAJLyY/UE0oq5l-t5I/AAAAAAAAAVw/JcJ95uMRoqM/s1600/facebook_compartilhar.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 109x28, components 3\012- data
Hash fc96cc406cf0cf9d682473ec384871a7
6cb198347ac0683e8557de5e7650337200a1f897
eed89afb21303364383b4342851804b977d28d7b777d0c7a79aaab6b09d0b4c1
GET /-mbkeJGAJLyY/UE0oq5l-t5I/AAAAAAAAAVw/JcJ95uMRoqM/s1600/facebook_compartilhar.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="facebook_compartilhar.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2812
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 05:57:24 GMT
Expires: Wed, 23 Nov 2022 19:55:04 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 14244
ETag: "v15c"
Content-Type: image/jpeg
sites.google.com/site/paginblogger/numeradas/pagenav.js
302 Found 205 B URL HTTP/2 sites.google.com/site/paginblogger/numeradas/pagenav.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 21fc24f22a75da5cd91a9d5ef21f5b72
69197b304a97d2e4ea70ab69ac29b415d0c39486
2ee5383b6476a1356a390067b149f1d4b79ec5c0493ed360338b88a195393ad6
GET /site/paginblogger/numeradas/pagenav.js HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
x-robots-tag: noarchive
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 09:54:48 GMT
last-modified: Sat, 04 Jul 2020 03:07:51 GMT
etag: "1593832071665"
location: https://sites.google.com/site/paginblogger/numeradas/pagenav.js?attredirects=0
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 205
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sites.google.com/site/paginblogger/numeradas/pagenav.js?attredirects=0
302 Found 454 B URL HTTP/2 sites.google.com/site/paginblogger/numeradas/pagenav.js?attredirects=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (415)
Hash 08fa127ae7b6cf13f1e0561022da92b4
be1da914fce2a9808bc6bfe13a642a7160b425b2
f31d7603b425362d2df84fab5640e5e60ddb5f48e359361c4e38257e2133ce04
GET /site/paginblogger/numeradas/pagenav.js?attredirects=0 HTTP/1.1
Host: sites.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://89edd755-a-62cb3a1a-s-sites.googlegroups.com/site/paginblogger/numeradas/pagenav.js?attachauth=ANoY7cpg07NoT_NzZzdGTtF56v408vgLR-r5oLYGRa1uHMhI2Nj9yuPSRkbs_8MzrFRmlzswR2cOmTAANhiWcsLTeVRi_4-XFQkWmLVtphQSOVKwionStZUQ6d0IrRNwzPWK83qt8Vitx2-ERh-U8yqEGn8yOqvKcnz5ttIW8oz9hBAkiG9YQ5WXkYz5hzztuMhZyWuFytQerCG65BfrlhVSnQi42oDBN9q0koGAc4_Idd-_l9vXP0E%3D&attredirects=0
content-encoding: gzip
date: Mon, 28 Nov 2022 09:54:48 GMT
expires: Mon, 28 Nov 2022 09:54:48 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 454
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 09:08:55 GMT
cache-control: public,max-age=3600
age: 2754
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0eb7e2628b0e93da8e23c8c0f440e6eb
61a951411bd37416f8bbe3a52f9d80d932b7aaba
c610585dcbb7eff5aa2955872d064cea7c566a5a0e403163f8d8ff0b91a9fd0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-xwOstapeIfw/UJPOfy37CJI/AAAAAAAAAGE/KH2GZ6hNanM/s1600/google.png
200 OK 888 B URL HTTP/1.1 4.bp.blogspot.com/-xwOstapeIfw/UJPOfy37CJI/AAAAAAAAAGE/KH2GZ6hNanM/s1600/google.png
IP
File type PNG image data, 40 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash b4bf73008657e106daa706e88204b48a
ad8b69ab9638b7a4d61970364914ee7603288f7d
c7f932d26325caa89e8d9cf2dbd855111c04ef06a8b9a35abc0c5fcd16df2962
GET /-xwOstapeIfw/UJPOfy37CJI/AAAAAAAAAGE/KH2GZ6hNanM/s1600/google.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v61"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="google.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 888
X-XSS-Protection: 0
2.bp.blogspot.com/-0R6SXdGsaOY/UJPOxEKj7UI/AAAAAAAAAGU/SmEdbJ1oH8g/s1600/twitter.png
200 OK 1.8 kB URL HTTP/1.1 2.bp.blogspot.com/-0R6SXdGsaOY/UJPOxEKj7UI/AAAAAAAAAGU/SmEdbJ1oH8g/s1600/twitter.png
IP
File type PNG image data, 42 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 1dd3cae6a553ad3eb7e47173b74a22aa
ac904b88b215a7fcf0d0776759a088f1eb9085d6
d209b559a37795a72a659305c81c7b5309feaabd4c08d027952a642963ec0d25
GET /-0R6SXdGsaOY/UJPOxEKj7UI/AAAAAAAAAGU/SmEdbJ1oH8g/s1600/twitter.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="twitter.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1792
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 09:54:49 GMT
Expires: Sat, 26 Nov 2022 11:31:43 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v65"
Content-Type: image/png
Age: 0
3.bp.blogspot.com/-uA68jRuR9VI/UJPO_BQ5PeI/AAAAAAAAAGk/3E-WM5z2R90/s1600/facebook.png
200 OK 1.7 kB URL HTTP/1.1 3.bp.blogspot.com/-uA68jRuR9VI/UJPO_BQ5PeI/AAAAAAAAAGk/3E-WM5z2R90/s1600/facebook.png
IP
File type PNG image data, 42 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ea9f81a4d66c9e2fecca8ccf8674d19
41670325ad601e7f80c8514fc2f32ceb72844e08
82f80c0c757d2fb467734f6961aa93c36aa60927d52d5dd3464209d0634f8213
GET /-uA68jRuR9VI/UJPO_BQ5PeI/AAAAAAAAAGk/3E-WM5z2R90/s1600/facebook.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v69"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="facebook.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 1685
X-XSS-Protection: 0
3.bp.blogspot.com/-npkzH5BGKU4/UY8DoohnMxI/AAAAAAAAC50/yQy1teFnIkY/s1600/BUSCA_NOVA.jpg
200 OK 97 kB URL HTTP/1.1 3.bp.blogspot.com/-npkzH5BGKU4/UY8DoohnMxI/AAAAAAAAC50/yQy1teFnIkY/s1600/BUSCA_NOVA.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 275x294, components 3\012- data
Hash 42ac1767b1ab128ad0c59b496b1d0744
93965e235e6d06f0591705babb5f4a9c2589999a
5c38520c39ed386183d68f11321e74ddc77aecc174d80c96d80222620be82e0e
GET /-npkzH5BGKU4/UY8DoohnMxI/AAAAAAAAC50/yQy1teFnIkY/s1600/BUSCA_NOVA.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb9d"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="BUSCA_NOVA.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 97092
X-XSS-Protection: 0
fonts.gstatic.com/s/yanonekaffeesatz/v24/3y9I6aknfjLm_3lMKjiMgmUUYBs04aUXNxt9gW2LIfto9tWZd2GK.woff2
200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/yanonekaffeesatz/v24/3y9I6aknfjLm_3lMKjiMgmUUYBs04aUXNxt9gW2LIfto9tWZd2GK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13704, version 1.0\012- data
Hash 981fb5afce9c6d84ff98d6ac2ed715b2
2f23e6611a5686a277370bf2a564384d6a244dd7
a6d773453350612e92fd89d38368c5c8f68b8bfc6dbcbbf2d1aabb8139a7a1b2
GET /s/yanonekaffeesatz/v24/3y9I6aknfjLm_3lMKjiMgmUUYBs04aUXNxt9gW2LIfto9tWZd2GK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bubanana.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13704
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 19:05:47 GMT
Expires: Thu, 23 Nov 2023 19:05:47 GMT
Cache-Control: public, max-age=31536000
Age: 398942
Last-Modified: Tue, 23 Aug 2022 18:20:14 GMT
Content-Type: font/woff2
1.bp.blogspot.com/-lqCBC4f6AJE/UPn9hAtkYWI/AAAAAAAACuM/9-UX7S2iHfI/s1600/870_326698314097933_1621608576_n.jpg
200 OK 27 kB URL HTTP/1.1 1.bp.blogspot.com/-lqCBC4f6AJE/UPn9hAtkYWI/AAAAAAAACuM/9-UX7S2iHfI/s1600/870_326698314097933_1621608576_n.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 478x438, components 3\012- data
Hash 94f76c1579c7f4d0db9e58685cc87ab9
ade29a43a61d4dd17813f9ba522216271dc56af5
b4db1f9db14523fd2fd4ba89b4ae71c57c1c3626d0d2212a090b07307367cdb8
GET /-lqCBC4f6AJE/UPn9hAtkYWI/AAAAAAAACuM/9-UX7S2iHfI/s1600/870_326698314097933_1621608576_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vae3"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="870_326698314097933_1621608576_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 26559
X-XSS-Protection: 0
2.bp.blogspot.com/-MCgoxX5cbfg/UPoAA5maRlI/AAAAAAAACu0/GLqg8DcLE98/s1600/1041_460210487364423_708176603_n.jpg
200 OK 48 kB URL HTTP/1.1 2.bp.blogspot.com/-MCgoxX5cbfg/UPoAA5maRlI/AAAAAAAACu0/GLqg8DcLE98/s1600/1041_460210487364423_708176603_n.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 600x620, components 3\012- data
Hash 17bbdd3613b4b2bba0299ffb9a1da692
78be35b0089fe96bfd1a991c778730ad2a72a291
ab5636d2f41e4e40e60af7496680936bd1cde6896e36ff323d44a5171c30f442
GET /-MCgoxX5cbfg/UPoAA5maRlI/AAAAAAAACu0/GLqg8DcLE98/s1600/1041_460210487364423_708176603_n.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vaed"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1041_460210487364423_708176603_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 47872
X-XSS-Protection: 0
1.bp.blogspot.com/-hpTCQNA6N9o/UPn_kefuiVI/AAAAAAAACuo/8A0qsa-YbUI/s1600/19029_406403599443818_1265907634_n.jpg
200 OK 39 kB URL HTTP/1.1 1.bp.blogspot.com/-hpTCQNA6N9o/UPn_kefuiVI/AAAAAAAACuo/8A0qsa-YbUI/s1600/19029_406403599443818_1265907634_n.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 550x516, components 3\012- data
Hash c557c53539647b84a2cc37c921dc719e
f87edd49f31abdf73bb29b4c1e18013586c5a8a5
a2e1c02c2dfd3f646a0cd29fd99cfe18b1c241e5e57b1a18cb85ef2f904a03c6
GET /-hpTCQNA6N9o/UPn_kefuiVI/AAAAAAAACuo/8A0qsa-YbUI/s1600/19029_406403599443818_1265907634_n.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vaea"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="19029_406403599443818_1265907634_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 39012
X-XSS-Protection: 0
2.bp.blogspot.com/-rAtVtdAcbtw/Ug6iXde90JI/AAAAAAAAC9M/wG3P544uP4g/s640/971763_592130264152755_1075086473_n.jpg
200 OK 50 kB URL HTTP/1.1 2.bp.blogspot.com/-rAtVtdAcbtw/Ug6iXde90JI/AAAAAAAAC9M/wG3P544uP4g/s640/971763_592130264152755_1075086473_n.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x235, components 3\012- data
Hash 3c80f14cc7215fe139fbc2b5d0882849
949b1591de192ee36f8338dace3f190a4fbdd901
9249a274917cbdd196a1e7724fefcec30d485eec3dc654941e8fb36cf8bd67f6
GET /-rAtVtdAcbtw/Ug6iXde90JI/AAAAAAAAC9M/wG3P544uP4g/s640/971763_592130264152755_1075086473_n.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vbd4"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="971763_592130264152755_1075086473_n.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 49554
X-XSS-Protection: 0
2.bp.blogspot.com/-49fAvc-NiRQ/T34GH3b2m7I/AAAAAAAABX0/eSE3H7P3OW8/s1600/Banner_Sugestoe.png
200 OK 21 kB URL HTTP/1.1 2.bp.blogspot.com/-49fAvc-NiRQ/T34GH3b2m7I/AAAAAAAABX0/eSE3H7P3OW8/s1600/Banner_Sugestoe.png
IP
File type PNG image data, 270 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 7a4c1fa4b50eb96bef51293bbd432c8d
3f49b0c6cecd4154cc11b10890c144af162a74d5
1abd352230e6a79c90f61c65633633c80d7dffca05a7928a6c4a2bf6c3aa15de
GET /-49fAvc-NiRQ/T34GH3b2m7I/AAAAAAAABX0/eSE3H7P3OW8/s1600/Banner_Sugestoe.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v57d"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Banner_Sugestoe.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 20577
X-XSS-Protection: 0
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4348
Cache-Control: max-age=87871
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:49 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:19:20 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
4.bp.blogspot.com/-9bT82nxiL9o/UPn-p_4GbhI/AAAAAAAACuY/D9P4QTDGwHQ/s1600/3370_195205700623222_1009661034_n.png
200 OK 216 kB URL HTTP/1.1 4.bp.blogspot.com/-9bT82nxiL9o/UPn-p_4GbhI/AAAAAAAACuY/D9P4QTDGwHQ/s1600/3370_195205700623222_1009661034_n.png
IP
File type PNG image data, 500 x 351, 8-bit/color RGB, non-interlaced\012- data
Size 216 kB (216389 bytes)
Hash 71998c12e638f0baca73406476a1da3f
23cc0bde40cc7f5e4dff7ff9b4b3311ab2bd2171
1495709f65c1fd6aaa4c188fef72d91715722349eb2769920bb7e1a17364d114
GET /-9bT82nxiL9o/UPn-p_4GbhI/AAAAAAAACuY/D9P4QTDGwHQ/s1600/3370_195205700623222_1009661034_n.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vae6"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="3370_195205700623222_1009661034_n.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 216389
X-XSS-Protection: 0
4.bp.blogspot.com/-aAVxWh0fO1Y/UJLpK_HrU2I/AAAAAAAAAD0/_RA49ewvv6o/s1600/bg.jpg
200 OK 4.1 kB URL HTTP/1.1 4.bp.blogspot.com/-aAVxWh0fO1Y/UJLpK_HrU2I/AAAAAAAAAD0/_RA49ewvv6o/s1600/bg.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 50x50, components 3\012- data
Hash c9ba8465e4ef49d56d7f553887d0d5e0
4c39b64378afea0769625c86ac3ae57f89bed2d9
957370ceac5dc7a65488532f4a67295032acd68e799ccb15d4ae32f31ad232ad
GET /-aAVxWh0fO1Y/UJLpK_HrU2I/AAAAAAAAAD0/_RA49ewvv6o/s1600/bg.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3d"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="bg.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 4087
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0eb7e2628b0e93da8e23c8c0f440e6eb
61a951411bd37416f8bbe3a52f9d80d932b7aaba
c610585dcbb7eff5aa2955872d064cea7c566a5a0e403163f8d8ff0b91a9fd0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
centralblogs.com.br/wp-content/uploads/2019/08/bannerp.png
200 OK 725 B URL HTTP/2 centralblogs.com.br/wp-content/uploads/2019/08/bannerp.png
IP
File type PNG image data, 80 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 4ba6b213966bcadee546cd4ddc82a8d9
e40b03268d30a5b0ea35a32914218752c3094723
b0debd15dbcd1b08c3b06cb3580562b1fe12aca8e0d5a4d327fbecd8fa8141f1
GET /wp-content/uploads/2019/08/bannerp.png HTTP/1.1
Host: centralblogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:54:49 GMT
content-type: image/png
content-length: 725
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Jul 2021 03:46:05 GMT
etag: "60e917fd-2d5"
expires: Mon, 05 Dec 2022 09:54:49 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
2.bp.blogspot.com/-8nFoqKOZAlI/UYapcLaEl-I/AAAAAAAAC0Q/67a9yV3Z_Ok/s1600/HOME.jpg
200 OK 6.0 kB URL HTTP/1.1 2.bp.blogspot.com/-8nFoqKOZAlI/UYapcLaEl-I/AAAAAAAAC0Q/67a9yV3Z_Ok/s1600/HOME.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 99x52, components 3\012- data
Hash de2f0a9355d382fbea56e0808138214c
7a506d6f05b6e7d6d8a5b6f6c0b74054d169aadd
38d6cf838d84a27a2a90fc320402f48c447aa34ea0154be52060412f22b784e8
GET /-8nFoqKOZAlI/UYapcLaEl-I/AAAAAAAAC0Q/67a9yV3Z_Ok/s1600/HOME.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb46"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="HOME.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 5985
X-XSS-Protection: 0
2.bp.blogspot.com/-iWV5OoZBCNg/UYan_vdV7wI/AAAAAAAACz8/wAqVSjEE7J4/s1600/Busca.jpg
200 OK 8.8 kB URL HTTP/1.1 2.bp.blogspot.com/-iWV5OoZBCNg/UYan_vdV7wI/AAAAAAAACz8/wAqVSjEE7J4/s1600/Busca.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 225x52, components 3\012- data
Hash 528d949d3cc53ba107bc7a75baaab2ee
4c627c1cf6a47b1ac67556d7dd1a84e78a58688e
b2ce8eb0155ef2642bb78d9b33ab54d988523955e291e4611764d5de245a22e2
GET /-iWV5OoZBCNg/UYan_vdV7wI/AAAAAAAACz8/wAqVSjEE7J4/s1600/Busca.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb40"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Busca.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 8769
X-XSS-Protection: 0
bubanana.blogspot.com/URL-DO-ARQUIVO-SHADOWBOX.CSS
404 Not Found 268 kB URL HTTP/1.1 bubanana.blogspot.com/URL-DO-ARQUIVO-SHADOWBOX.CSS
IP
Size 268 kB (267794 bytes)
Hash f46320120d98ddeca9a3f711a6a064bc
f96ce2a9b89dfd2a63b51e19220fe639ea42ae25
856c500bb8fa0377bc7c43f5fb9295276325c2738ce6c65f6df1e72d681ed92b
Analyzer Verdict Alert fortinet Malware
GET /URL-DO-ARQUIVO-SHADOWBOX.CSS HTTP/1.1
Host: bubanana.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 28 Nov 2022 09:54:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 14566
Server: GSE
4.bp.blogspot.com/-wzPk5NcBZQ0/UYVpp8SJEZI/AAAAAAAACyo/0kkkQfSW8Pg/s1600/banner.png
200 OK 104 kB URL HTTP/1.1 4.bp.blogspot.com/-wzPk5NcBZQ0/UYVpp8SJEZI/AAAAAAAACyo/0kkkQfSW8Pg/s1600/banner.png
IP
File type PNG image data, 1000 x 420, 8-bit/color RGBA, non-interlaced\012- data
Size 104 kB (103497 bytes)
Hash 2a2e780df5ed4a8b5d0abb715e53eb9f
b42c4a8272dca10d44a07bf4cfa3785cb0aa5ca3
fb4630f606f241a19c87a089218c6367d74b4fb58994ce44b1029ffd43f80dd1
GET /-wzPk5NcBZQ0/UYVpp8SJEZI/AAAAAAAACyo/0kkkQfSW8Pg/s1600/banner.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb2b"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="banner.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 103497
X-XSS-Protection: 0
2.bp.blogspot.com/-kXYhv0ifxb8/UYbfuogZhqI/AAAAAAAAC0w/wB4kjP8t76c/s1600/top-post.png
200 OK 21 kB URL HTTP/1.1 2.bp.blogspot.com/-kXYhv0ifxb8/UYbfuogZhqI/AAAAAAAAC0w/wB4kjP8t76c/s1600/top-post.png
IP
File type PNG image data, 682 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 12e98c2fc02ebabd9a4d0e07138c7420
a78b32f6bbbd35b7dd9bc7cd8024148b154d9ee4
1229e7d4d37f00aad330013341b10f2ecbac8b564e51f82da5834ffff333dcac
GET /-kXYhv0ifxb8/UYbfuogZhqI/AAAAAAAAC0w/wB4kjP8t76c/s1600/top-post.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb4e"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="top-post.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 21086
X-XSS-Protection: 0
1.bp.blogspot.com/-_9alokBaDLE/UYbgjqxi5mI/AAAAAAAAC1A/S_HIfmg30vg/s1600/Metade-post.jpg
200 OK 900 B URL HTTP/1.1 1.bp.blogspot.com/-_9alokBaDLE/UYbgjqxi5mI/AAAAAAAAC1A/S_HIfmg30vg/s1600/Metade-post.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 682x5, components 3\012- data
Hash 6243277ebdad7c5dda3135ba40e053b8
9107bb8d3c3a032b3a4c25c7c428fee25a1f5d3c
ca9e3af965e7893550a8bc1af48942e3a69e436d4d095339f5a96e8e9ae95d30
GET /-_9alokBaDLE/UYbgjqxi5mI/AAAAAAAAC1A/S_HIfmg30vg/s1600/Metade-post.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb50"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Metade-post.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 900
X-XSS-Protection: 0
1.bp.blogspot.com/-gVoDWhdHN1g/UYhpGijKCxI/AAAAAAAAC1s/xrsc09a6lno/s1600/post-rodape.png
200 OK 16 kB URL HTTP/1.1 1.bp.blogspot.com/-gVoDWhdHN1g/UYhpGijKCxI/AAAAAAAAC1s/xrsc09a6lno/s1600/post-rodape.png
IP
File type PNG image data, 682 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a57a8a7b33a2700528fe24bebc5a73f
06def8d3d728743d3bc0e9daec4f5a3e9724721a
f690860e6ba851451e7fd862eed259945d5aa1fbb6d7a233185bf06aab6a9ab6
GET /-gVoDWhdHN1g/UYhpGijKCxI/AAAAAAAAC1s/xrsc09a6lno/s1600/post-rodape.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb5c"
Expires: Tue, 29 Nov 2022 09:54:49 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="post-rodape.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:49 GMT
Server: fife
Content-Length: 15599
X-XSS-Protection: 0
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SvSrq7xRD+vPx39UOxcnFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7ujCRPaz6abHjF0DliNvIgjosu4=
forgifs.com/gallery/d/206771-1/Dog-cross-eyed-trick.gif?
200 OK 1.0 MB URL HTTP/1.1 forgifs.com/gallery/d/206771-1/Dog-cross-eyed-trick.gif?
IP
File type GIF image data, version 89a, 388 x 276\012- data
Size 1.0 MB (1047415 bytes)
Hash 865e5aa42c73dc90db16ef8800fb1e36
0931f384f60aa692af4040720135f499097fa8e8
ee1446cb04cff0717774697e0b52fd1a00aed84d4a3a3b631d541af9f0f7a052
GET /gallery/d/206771-1/Dog-cross-eyed-trick.gif? HTTP/1.1
Host: forgifs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 10:38:12 GMT
Content-Type: image/gif
Content-Length: 1047415
Connection: keep-alive
Content-Disposition: inline; filename="Dog-cross-eyed-trick.gif"
Last-Modified: Fri, 28 Dec 2012 10:48:14 GMT
Expires: Fri, 27 Jan 2023 10:38:12 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
usuarionovo.com/
301 Moved Permanently 223 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d51ed608dd0a8507668bec707634bd5b
0d3464fd0afecbaa2a513a42cdd3ef7cf589c600
8533a52a734acaa7095680fba274af4e25b6fcc8aef0b0e1059eed286670da16
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: usuarionovo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: http://www.usuarionovo.com
Date: Mon, 28 Nov 2022 09:54:49 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 223
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
404 Not Found 8.5 kB URL HTTP/2 dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23665)
Hash 369ead7d522d8b5e8866b117e18b5afd
b48246b6ac2306907ae403c9c06b30814f7d3120
7dd81a9a4e71f45c74a576f8118a438516c43dbfa0ea6c097a930b49b230ddf8
GET /u/93265919/efeitoimagens/data-post.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
date: Mon, 28 Nov 2022 09:54:49 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: ad07b7d2726f4e23bfae3ae2513a2ac9
X-Firefox-Spdy: h2
www.google-analytics.com/ga.js
200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Mon, 28 Nov 2022 09:05:59 GMT
Expires: Mon, 28 Nov 2022 11:05:59 GMT
Cache-Control: public, max-age=7200
Age: 2930
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.digicert.com/
200 OK 471 B IP
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4781
Cache-Control: max-age=137995
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:49 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:14:44 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
2.bp.blogspot.com/-njeZ0AeOXUo/UJPYkvZMeVI/AAAAAAAAAHU/XPKPSa31O5c/s1600/subir1.png
200 OK 3.3 kB URL HTTP/1.1 2.bp.blogspot.com/-njeZ0AeOXUo/UJPYkvZMeVI/AAAAAAAAAHU/XPKPSa31O5c/s1600/subir1.png
IP
File type PNG image data, 57 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ef38e46aefe7f57994e8e4a888fe370
a48e67277faa9c256d8f1aaaa5038a68c7148021
134d3121a917822457626ae86ef6ed486c86624118a6a2ec6a912fa5f8a647a7
GET /-njeZ0AeOXUo/UJPYkvZMeVI/AAAAAAAAAHU/XPKPSa31O5c/s1600/subir1.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="subir1.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3336
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 09:54:50 GMT
Expires: Sat, 26 Nov 2022 11:31:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v75"
Content-Type: image/png
Age: 0
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=483424847&utmhn=bubanana.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BU%20Banana&utmhid=1487839750&utmr=-&utmp=%2F&utmht=1669629289492&utmac=UA-29880443-1&utmcc=__utma%3D51597498.1125930400.1669629289.1669629289.1669629289.1%3B%2B__utmz%3D51597498.1669629289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1904439389&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=483424847&utmhn=bubanana.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BU%20Banana&utmhid=1487839750&utmr=-&utmp=%2F&utmht=1669629289492&utmac=UA-29880443-1&utmcc=__utma%3D51597498.1125930400.1669629289.1669629289.1669629289.1%3B%2B__utmz%3D51597498.1669629289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1904439389&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=483424847&utmhn=bubanana.blogspot.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BU%20Banana&utmhid=1487839750&utmr=-&utmp=%2F&utmht=1669629289492&utmac=UA-29880443-1&utmcc=__utma%3D51597498.1125930400.1669629289.1669629289.1669629289.1%3B%2B__utmz%3D51597498.1669629289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1904439389&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Mon, 28 Nov 2022 09:54:50 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
404 Not Found 4.7 kB URL HTTP/2 dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
IP
Hash f48b4fdb288f1d618a69e091d49be782
1b69b07f9c5d4bf4f96911c9ab1214f7d3155bc2
1e08731c52cb5fdc2244af3dd9d5c08a89b98f2ff29585e5e4154b8be3235cbb
GET /u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
date: Mon, 28 Nov 2022 09:54:49 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: 6dcdf2ffc8714ca98f5acbbdd8ceca31
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 28 Nov 2022 09:54:50 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 178ffcc14403da7f777a91a61e3933bc
5a756f4357d8ec45e61fa5b4917853bd2380b835
0f783e0ae738f16b52f1ede3b0b6a128bd4ac752c98c71fc307211a8abf933ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bubanana.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBI7IbA8C27H-WHUyFlUDVzwf8hqLPQZUDJWEbDrPwV7RdcCUepB5f_CcdI4TBFQNtt5a7sP2qa__dV9StLXJ0NGeuJQA
200 OK 238 B URL HTTP/1.1 bubanana.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBI7IbA8C27H-WHUyFlUDVzwf8hqLPQZUDJWEbDrPwV7RdcCUepB5f_CcdI4TBFQNtt5a7sP2qa__dV9StLXJ0NGeuJQA
IP
File type JSON data\012- , ASCII text, with very long lines (396), with no line terminators
Hash 1b3b5874db7f1fe538198abc5b491196
91a391b386853ccca4d1185ccdd7ddbe3a59af85
4c989cfe706a06cc2d5308adbfbc4fdbcdc46d26c4333a57024b3c97ded7a8f4
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmBI7IbA8C27H-WHUyFlUDVzwf8hqLPQZUDJWEbDrPwV7RdcCUepB5f_CcdI4TBFQNtt5a7sP2qa__dV9StLXJ0NGeuJQA HTTP/1.1
Host: bubanana.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 09:54:50 GMT
Expires: Mon, 28 Nov 2022 09:54:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 238
Server: GSE
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/5bdAWVPYBPC.css?_nc_x=Ij3Wp8lg5Kz
200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/5bdAWVPYBPC.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4431)
Hash ba954e97ec5946479be5630757b76ca8
2588e32e2022cf42d7dee40768c011769a0efb86
bf859ca7d3c40ff138c346c2c59dc17b6ccbb355c713bd6ea57e6283da459fdf
GET /rsrc.php/v3/yu/l/0,cross/5bdAWVPYBPC.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 27 Nov 2023 16:58:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: upVOl+xZRkeb5WMHV7dsqA==
x-fb-debug: 3JEBrRX8ZdGd0Rhj0gdXWYTFCgQhFAQRwPUwZvXGonnN9l5ntnIa81PkTJrX/SrfFEs/iwBR4zzMKY0Hw4tGgg==
priority: u=2
content-length: 4978
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 09:54:50 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5472657612896998266%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://bubanana.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5472657612896998266%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://bubanana.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
302 Found 455 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5472657612896998266%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://bubanana.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5472657612896998266%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://bubanana.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (500)
Hash 4e023c31c62d850e95d5eb1acbf97b01
8239178b5356b021cd76faa03264633e9e2ca180
7c4a992843a9a61df4e1d30fbf5542e92482d7cbf3bdded79751cfe40ac10b3d
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5472657612896998266%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://bubanana.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5472657612896998266%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://bubanana.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 09:54:50 GMT
location: https://www.blogger.com/followers.g?blogID=5472657612896998266&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNGRkZGRkYyByMwMDAwMDA6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fbubanana.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-uc5iKmTJR_jrL9jJpgo6Aw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 455
server: GSE
set-cookie: __Host-GAPS=1:0Kebleh38t1aLXTPKCXhAF9zqj1c-Q:7KO_NMwFgPCz_f_a;Path=/;Expires=Wed, 27-Nov-2024 09:54:50 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:55:51 GMT
expires: Wed, 22 Nov 2023 10:55:51 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 19 Nov 2022 03:11:36 GMT
content-type: text/javascript
age: 514739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
developers.google.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 4710dff87b5a0b225bd46c40806587d2
Date: Mon, 28 Nov 2022 09:54:50 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
2.bp.blogspot.com/-ioNPSDK4B7k/UY1b-Fy8YhI/AAAAAAAAC5Q/UmIjhrCHr_0/s1600/topsidebar.png
200 OK 1.5 kB URL HTTP/1.1 2.bp.blogspot.com/-ioNPSDK4B7k/UY1b-Fy8YhI/AAAAAAAAC5Q/UmIjhrCHr_0/s1600/topsidebar.png
IP
File type PNG image data, 295 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 6356249c9cb08db87ae85a951b5190fc
ce032a714ff9497914860646ead0fe47d7546d99
af9cc05235588a3d6d4f1e218f55fc8ea956dd03d6b276ff0fa44fc325e1a39f
GET /-ioNPSDK4B7k/UY1b-Fy8YhI/AAAAAAAAC5Q/UmIjhrCHr_0/s1600/topsidebar.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vb94"
Expires: Tue, 29 Nov 2022 09:54:50 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="topsidebar.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 28 Nov 2022 09:54:50 GMT
Server: fife
Content-Length: 1548
X-XSS-Protection: 0
2.bp.blogspot.com/-U3UUSlVgwlo/UJPWizACD-I/AAAAAAAAAHM/lwmbXzGx7Ng/s1600/rodape.png
200 OK 322 B URL HTTP/1.1 2.bp.blogspot.com/-U3UUSlVgwlo/UJPWizACD-I/AAAAAAAAAHM/lwmbXzGx7Ng/s1600/rodape.png
IP
File type PNG image data, 6 x 51, 8-bit/color RGB, non-interlaced\012- data
Hash 522ab10adcace4425985298e76660567
74b0e3d1542b69573878d81044504831e8370aa1
4cfe290a1dce6354d8e05734877215a9446fd29175cd443b31efd15f7aaf720a
GET /-U3UUSlVgwlo/UJPWizACD-I/AAAAAAAAAHM/lwmbXzGx7Ng/s1600/rodape.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="rodape.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 322
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 09:54:50 GMT
Expires: Sat, 26 Nov 2022 11:31:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v73"
Content-Type: image/png
Age: 0
www.usuarionovo.com/
200 OK 2.9 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (482)
Hash 582958e09009f99cc72caebc68a60ea6
1f862a0e1f6ccc2f631947967d8064ce3f7cd254
67ab312db0f42321c7f4279de64187c7a20f41688291963c009299434bdab4e8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.usuarionovo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Mon, 28 Nov 2022 09:54:50 GMT
Date: Mon, 28 Nov 2022 09:54:50 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 11 Dec 2021 08:59:35 GMT
ETag: W/"8859db95c1d07557fc2ef62c794d66e441d9f17fec19a9fa8a342623ae2572c3"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 2904
Server: GSE
www.google.com/images/errors/logo_sm.gif
200 OK 2.5 kB URL HTTP/1.1 www.google.com/images/errors/logo_sm.gif
IP
File type GIF image data, version 89a, 150 x 55\012- data
Hash bba57d2d103b1d0e5154e3c679dd33ff
9dc3b698fd3bea6f89ef4cbec6b2a588f0c774d6
4feb114e1eda3a4854d652c2cd2afeabff0f438ed4822c5a1b968772a5c2cb5b
GET /images/errors/logo_sm.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.usuarionovo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 2510
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 12:02:28 GMT
Expires: Wed, 22 Nov 2023 12:02:28 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Content-Type: image/gif
Age: 510742
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fbubanana.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
200 OK 2.4 kB URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fbubanana.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (568)
Hash 8be88f2c5eb4cb74b8bbc40fa0196d10
cd4d65ec617851509a8505c342a83c0a48dff967
5e6110d7457de07fb83ab04e32c13944a54f59366e94e7276db01d7611e76ae7
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fbubanana.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 09:54:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-xC02_aWyBxVYInyjh41YwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.amung.us/classic.js
200 OK 6.8 kB URL HTTP/1.1 widgets.amung.us/classic.js
IP
File type ASCII text, with very long lines (12997), with no line terminators
Hash e6dbc3810ce88a15b6dd7bf36f944fcd
e992835d614158a4762a4cf35a49b42ed5cd2504
1622c30705591416867c1b55975a1bc66a59746216db9e3bcd76339f372d6604
GET /classic.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:54:50 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 11 Nov 2022 22:14:49 GMT
etag: W/"636ec959-32c5"
expires: Tue, 29 Nov 2022 09:15:45 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2345
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77123979bde6b4e8-OSL
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=53483
date: Mon, 28 Nov 2022 09:54:50 GMT
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=638485688538f976&bkl=0&bl=1&pdt=502&sid=638485688538f976&pub=xa-4f36a5b644607a31&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=bubanana.blogspot.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669629289570&jsl=33&uvs=63848568ebae087b000&skipb=1&callback=addthis.cbs.jsonp__70863391718224130
200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=638485688538f976&bkl=0&bl=1&pdt=502&sid=638485688538f976&pub=xa-4f36a5b644607a31&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=bubanana.blogspot.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669629289570&jsl=33&uvs=63848568ebae087b000&skipb=1&callback=addthis.cbs.jsonp__70863391718224130
IP
File type ASCII text, with no line terminators
Hash 3c6507c1904a393f6820f180d0503648
09c39c6484fd03e5b9e85dc612f3ba6ec4a47191
325849721006959275deeacc6ac340dabd2ab2cb77d1f29b8a71a8c55a78d5ce
GET /live/red_lojson/300lo.json?si=638485688538f976&bkl=0&bl=1&pdt=502&sid=638485688538f976&pub=xa-4f36a5b644607a31&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=bubanana.blogspot.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1669629289570&jsl=33&uvs=63848568ebae087b000&skipb=1&callback=addthis.cbs.jsonp__70863391718224130 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Mon, 28 Nov 2022 09:54:50 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/xa-4f36a5b644607a31/_ate.track.config_resp
200 OK 47 B URL HTTP/2 v1.addthisedge.com/live/boost/xa-4f36a5b644607a31/_ate.track.config_resp
IP
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/xa-4f36a5b644607a31/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=18, s-maxage=86400
date: Mon, 28 Nov 2022 09:54:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
bubanana.blogspot.com/favicon.ico
200 OK 223 B URL HTTP/1.1 bubanana.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 63ada6d1f5704ad63ba58e5e9c2dd3d3
611ba998eadeb4c11fb03695f0118ecc369e30a6
219ee503fe4be98f3093e1c6d8919d1c6ba07e7fe57839950fc3a0a41d5704bf
GET /favicon.ico HTTP/1.1
Host: bubanana.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Cookie: __utma=51597498.1125930400.1669629289.1669629289.1669629289.1; __utmb=51597498.1.10.1669629289; __utmc=51597498; __utmz=51597498.1669629289.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __atuvc=1%7C48; __atuvs=63848568ebae087b000
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Mon, 28 Nov 2022 09:54:50 GMT
Date: Mon, 28 Nov 2022 09:54:50 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 08 Nov 2022 02:58:12 GMT
ETag: W/"25f8928e148125ca8b6406e4e1ce6b9d299a92aee2c4b9af3b8151b2474a665a"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE
whos.amung.us/swidget/megalink10
307 Temporary Redirect 0 B URL HTTP/1.1 whos.amung.us/swidget/megalink10
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /swidget/megalink10 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 307 Temporary Redirect
Date: Mon, 28 Nov 2022 09:54:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
location: http://widgets.amung.us/small/01/175.png
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77123979ba721bfe-OSL
link.megalink.xyz/ad1/824c1c656a4967fb956c9e545f85fe90e9cbe832?1=&2=&3=&4=&5=&utm_campaign=push_subs_04_07_2020_0000&cid=
200 OK 523 B URL HTTP/2 link.megalink.xyz/ad1/824c1c656a4967fb956c9e545f85fe90e9cbe832?1=&2=&3=&4=&5=&utm_campaign=push_subs_04_07_2020_0000&cid=
IP
Hash ffebbf9e741ee147985a7c3aab8492d3
1ee695b6adbfab445376875cfd3bb4184b3d060c
f0c82b3c1a500f2d9ee45cb35b00b04c9674256ee768825b6e1f94a75f5e1349
GET /ad1/824c1c656a4967fb956c9e545f85fe90e9cbe832?1=&2=&3=&4=&5=&utm_campaign=push_subs_04_07_2020_0000&cid= HTTP/1.1
Host: link.megalink.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:54:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: u=aab630d9e4a8ab7e6ce6414fad10ba2d; expires=Tue, 28-Nov-2023 09:54:50 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5384
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:54:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 43421
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5384
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:54:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 42784
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 42784
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AhbL-wXc_eYsgxdjf0DIEJD7Z3XfXMjXwDC52Bz_SnvmmWAhl3g99A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:38 GMT
age: 43392
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:15:53 GMT
age: 85137
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaCfMUy6EtOLWvJy1jFbKp9KQzG5v7nq27sIo7d8gFeGesFd4uWdEw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:24:14 GMT
age: 41436
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/static/floating-css.80f181915fa0449e1ef6.js
200 OK 815 B URL HTTP/2 s7.addthis.com/static/floating-css.80f181915fa0449e1ef6.js
IP
File type ASCII text, with very long lines (3759), with no line terminators
Hash a8b55cdb4e7a8126b02dc3d57693e64c
396854011fd100fd82d4d37481b5ea17d2c9f272
c9179b817975ec14fa26e33789112cc299fbc9d7d7f21a951283158a27cb35ce
GET /static/floating-css.80f181915fa0449e1ef6.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-eaf"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 815
date: Mon, 28 Nov 2022 09:54:50 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1205
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:50 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
t.dtscout.com/i/?l=http%3A%2F%2Fbubanana.blogspot.com%2F&j=
200 OK 2.8 kB URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fbubanana.blogspot.com%2F&j=
IP
File type ASCII text, with very long lines (2077)
Hash 8c5e3a9b41727a314563d1fea040e79f
912d7980fa120b63c0d4a0179f64a6d873898561
bb6609c8a504594ae74fa8b95b03cfdbc800fd02d5b1a554dd23dd9e307dfe51
GET /i/?l=http%3A%2F%2Fbubanana.blogspot.com%2F&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:50 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Mon, 28-Nov-2022 11:18:10 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Mon, 28-Nov-2022 13:54:50 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1669629290; Domain=dtscout.com; Expires=Wed, 08-Mar-2023 09:54:50 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.433
expires: Mon, 28 Nov 2022 09:54:49 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFT4xDtiYblCHejDJTjbE6HOTUuXvwsxHxj4iZxggiC%2BpYjOv0RWMTd8LsSqfEV%2FLzOgczJxTBKTjfjz8mvZ84BoVhPLZ3Ofn%2BCIslGE1f%2F6RU6K74OmJlrri9UyFZMu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7712397aaaf37196-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fbubanana.blogspot.com
200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fbubanana.blogspot.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fbubanana.blogspot.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201637
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:50 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
whos.amung.us/pingjs/?k=z9muf3y0pxqg&t=BU%20Banana&c=c&x=http%3A%2F%2Fbubanana.blogspot.com%2F&y=&a=0&d=2.167&v=27&r=2937
200 OK 50 B URL HTTP/1.1 whos.amung.us/pingjs/?k=z9muf3y0pxqg&t=BU%20Banana&c=c&x=http%3A%2F%2Fbubanana.blogspot.com%2F&y=&a=0&d=2.167&v=27&r=2937
IP
File type ASCII text, with no line terminators
Hash 48345a3bce507831614fa54e0e18ab27
c8057d3f8326f52b1a34640cb7be1d15e665aff5
8eaddace771ef87fb9c7951d0f8504a1331bd89830c480fa91e0a2a7b2fe5ec5
GET /pingjs/?k=z9muf3y0pxqg&t=BU%20Banana&c=c&x=http%3A%2F%2Fbubanana.blogspot.com%2F&y=&a=0&d=2.167&v=27&r=2937 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:54:50 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7712397bdc831bfe-OSL
connect.facebook.net/en_US/sdk.js?hash=631f72e39b31cdd4bf37436c62029e8a
200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=631f72e39b31cdd4bf37436c62029e8a
IP
File type ASCII text, with very long lines (13192)
Hash 3eafef4c779fdeae788cfbc42bf79450
fe84c374103d783a5dd0aa6847153e3c61f60482
01a3300b0075139cb21591477397157e613190a50ebc9fe19117a96bd12db4b3
GET /en_US/sdk.js?hash=631f72e39b31cdd4bf37436c62029e8a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bubanana.blogspot.com
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 74c6954698e890079494a4d7702d76ed
etag: "e4bd05d934a004bf3416528cbee3daa5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 28 Nov 2023 09:23:03 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Pq/vTHef3q54jPvEK/eUUA==
x-fb-debug: ujIvo/N/5mmdpuo7WU7+RFGagrfsJ6bs3XIQuFqe4y+y4BTjMAOJvmXiRuNeyKIFGxNE3HBM1i+8f55f2eYGnQ==
content-length: 86898
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 09:54:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 8560c8978b5df3ffb0c739a02eb02809
1d58e4af1ab7ba382e294ffca6d51990482a6e5c
1da7a37c7026d5bd7be4ca342e9d0376a7abbaf742031962b3b79ebd4c2c3a73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4117
Cache-Control: max-age=159612
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "638441d2-139"
Expires: Wed, 30 Nov 2022 06:15:03 GMT
Last-Modified: Mon, 28 Nov 2022 05:06:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widgets.amung.us/small/01/175.png
200 OK 327 B URL HTTP/1.1 widgets.amung.us/small/01/175.png
IP
File type PNG image data, 80 x 15, 8-bit colormap, non-interlaced\012- data
Hash ba77a6b3cef1f8e622ab8e67f13a9233
5d3830fe7f25e8cde4eb4c1da1a56d41644e6ba2
3a08ad0555960bc9a0c2dbb9568f0dfc124712637e593b50aea9019877df5d90
GET /small/01/175.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:54:51 GMT
Content-Type: image/png
Content-Length: 327
Connection: keep-alive
last-modified: Sun, 13 Jun 2010 09:48:29 GMT
etag: "4c14a96d-147"
expires: Tue, 29 Nov 2022 09:54:51 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7712397cba20b4e8-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9b7502862b847fab779159f4a93f36b3
5c965ad315b05988499fbc01ff0c02dfc488ea8b
5fdc96148b88f35128f54ad482e3fa998c2ea3ec1ffe79057fd4157fa7c1ab2b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:54:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 11:33:40 GMT
Expires: Sun, 04 Dec 2022 11:33:39 GMT
Etag: "5c965ad315b05988499fbc01ff0c02dfc488ea8b"
Cache-Control: max-age=523727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7712397d4be2b521-OSL
www.google.com/s2/photos/public/AIbEiAIAAABECMmis53d7IqjjAEiC3ZjYXJkX3Bob3RvKig4NzdmMmVmNWNjZmVhNDUxYjljZTk0YTRhMGI0Nzg5N2NlYTI2ZTM4MAEs8OdVbcAESM2zLB_3IblYgB8Vkw
302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECMmis53d7IqjjAEiC3ZjYXJkX3Bob3RvKig4NzdmMmVmNWNjZmVhNDUxYjljZTk0YTRhMGI0Nzg5N2NlYTI2ZTM4MAEs8OdVbcAESM2zLB_3IblYgB8Vkw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECMmis53d7IqjjAEiC3ZjYXJkX3Bob3RvKig4NzdmMmVmNWNjZmVhNDUxYjljZTk0YTRhMGI0Nzg5N2NlYTI2ZTM4MAEs8OdVbcAESM2zLB_3IblYgB8Vkw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 09:54:51 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8L2DIpuukokSkkWX7lIq9h3f_KuiFRHpKVEhkzyg=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-i_cXnfqq4uVeo0StjCO8Yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin; report-to="SocialGraphPhotosSouffle"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"SocialGraphPhotosSouffle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SocialGraphPhotosSouffle/external"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=F-L7obdK-vCKEkkTg6Rk-4s7n1YloZtXZK-Rp6p1WQoMl9LkVn9rxqf9NcEbwVpdBNCmN7kK7myTSyPlUuiZlNg9nCBMM8ZRdJy9WxtU3Zv4Gb55yPKhjHJZGsMzqFaLXPImI1QIGOEuoD1kZaFQCvLfIXa5HH9YjmPhUo_heZ8; expires=Tue, 30-May-2023 09:54:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECP6v0Ob2gLPLsAEiC3ZjYXJkX3Bob3RvKihmYzM4MjFmZjRmMjBjOWEzMjliOTJjNjdlZjNhZjYxZjIxYzZlNjAwMAFAXOs1WP7UsVfm482DmQqLg0HpAA
302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECP6v0Ob2gLPLsAEiC3ZjYXJkX3Bob3RvKihmYzM4MjFmZjRmMjBjOWEzMjliOTJjNjdlZjNhZjYxZjIxYzZlNjAwMAFAXOs1WP7UsVfm482DmQqLg0HpAA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECP6v0Ob2gLPLsAEiC3ZjYXJkX3Bob3RvKihmYzM4MjFmZjRmMjBjOWEzMjliOTJjNjdlZjNhZjYxZjIxYzZlNjAwMAFAXOs1WP7UsVfm482DmQqLg0HpAA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 09:54:51 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-kqGoDmKLWVeiT07k3uXwVgHgn5wlj1xl0OAOvhg=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-jR-e5bE7PPWataynNpi4yQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=ndyChbmJ1yEeg57DiOyLQX4tI5i7r0MxKogTHcml8zD8-pEYnOXxeU0IXFKGBb3I14ShsO6vTH1yxWZjBXKsA451dwyIUN7lGpNERvgdMtYTSrVX2vrebrRe9c3KGDn6Oy7TL-h4FDBPnsdMn5R_mB4VWKP69w-xYR4PNCh5_as; expires=Tue, 30-May-2023 09:54:51 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-kqGoDmKLWVeiT07k3uXwVgHgn5wlj1xl0OAOvhg=s96-p
200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-kqGoDmKLWVeiT07k3uXwVgHgn5wlj1xl0OAOvhg=s96-p
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 978c76c87fc7332f9b931b44449a2557
9c99c2f8a7b30594f4de89a6fb77858359a76ae5
04bf13c9894b886cbe38a7f7d830c4065e73aa47c414ef021ebad0697b005e9c
GET /a-/ACNPEu-kqGoDmKLWVeiT07k3uXwVgHgn5wlj1xl0OAOvhg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5130
x-xss-protection: 0
date: Mon, 28 Nov 2022 09:02:54 GMT
expires: Sat, 26 Nov 2022 07:38:06 GMT
cache-control: public, max-age=86400, no-transform
age: 3117
etag: "v14e"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 391 B URL HTTP/2 syndication.twitter.com/settings?session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type JSON data\012- , ASCII text, with very long lines (973), with no line terminators
Hash 90cb574369f4e891ef98010ea1b58fc3
2e2746aae98e45c2a4a6bb1110822965a5c4778f
7a30028b0926f280bf4bf1ebb2491bb89b8b9fdeb8f162087604fe7e0da4524c
GET /settings?session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:50 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 391
content-encoding: gzip
x-transaction-id: 9bdba3d3d8c38166
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 104
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/_nd79QfXarBU/TTr4Em922_I/AAAAAAAAAIE/xgTRIS5if28/s45-c/victor.jpg
404 Not Found 904 B URL HTTP/2 1.bp.blogspot.com/_nd79QfXarBU/TTr4Em922_I/AAAAAAAAAIE/xgTRIS5if28/s45-c/victor.jpg
IP
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 288ba721beee9352ca47b2a130423c86
5dd28e65cfc52620335ca1a10be532ed9e44ff14
6ee738d016e2e0d81bb5da04d1c97a4b33d9ec9f3bfc3cee450b33d1dd997cc4
GET /_nd79QfXarBU/TTr4Em922_I/AAAAAAAAAIE/xgTRIS5if28/s45-c/victor.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201627
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
2.bp.blogspot.com/-mFQR727fmGY/VwxJZJvvr6I/AAAAAAAAJvo/c4UZ5IKUFqIRCcadQIv1wG2rLqIN45mqQCK4B/s45-c/9nGX_RDD.jpg
200 OK 1.4 kB URL HTTP/2 2.bp.blogspot.com/-mFQR727fmGY/VwxJZJvvr6I/AAAAAAAAJvo/c4UZ5IKUFqIRCcadQIv1wG2rLqIN45mqQCK4B/s45-c/9nGX_RDD.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 04bbd35cb8ab6a942888944100795d02
0724db82fa6bba1371dd367cf39321e03052ea52
874eed5fd7c103c9feb4fbfcf38bd5212e834b8a393b38fac1737397dc0da98c
GET /-mFQR727fmGY/VwxJZJvvr6I/AAAAAAAAJvo/c4UZ5IKUFqIRCcadQIv1wG2rLqIN45mqQCK4B/s45-c/9nGX_RDD.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v26fb"
expires: Tue, 29 Nov 2022 09:54:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="9nGX_RDD.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 1408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-UqhUfG5X0Ws/Ym_5YpTg4VI/AAAAAAAAHcA/xxScUQvqFWAeS0RIo8Fm7-NJ8XwpTgIKwCK4BGAYYCw/s45-c/Alex.jpg
200 OK 1.2 kB URL HTTP/2 4.bp.blogspot.com/-UqhUfG5X0Ws/Ym_5YpTg4VI/AAAAAAAAHcA/xxScUQvqFWAeS0RIo8Fm7-NJ8XwpTgIKwCK4BGAYYCw/s45-c/Alex.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash ed6918ee4c24c1f68825c2792989ee4f
a21fe435e6cb0720057a9c843942513d4d322a3f
cc84fb529f5bdf86c2c97b310cfd4e7212bdefb40cf16756bbef3c7c3f4b1314
GET /-UqhUfG5X0Ws/Ym_5YpTg4VI/AAAAAAAAHcA/xxScUQvqFWAeS0RIo8Fm7-NJ8XwpTgIKwCK4BGAYYCw/s45-c/Alex.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1dc2"
expires: Tue, 29 Nov 2022 09:54:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Alex.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 1209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201628
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana&cu=http%3A%2F%2Fbubanana.blogspot.com%2F
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana&cu=http%3A%2F%2Fbubanana.blogspot.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana&cu=http%3A%2F%2Fbubanana.blogspot.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
200 OK 20 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash 5015066812fde03249df3bd76049aa98
7cb3dd5bca373b1879288582a1e6c3595da77c6a
cd8e6c12d4c34778d1f92a5ca6ff378107d10bc86ff6b7b8cabed223d09771bd
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:51 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 66562
expires: Thu, 01 Dec 2022 09:54:51 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 7712397e8ae9fab8-OSL
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=bubanana.blogspot.com&_ss=38i832dfdk&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5eyc&_cb=_dtspv.c
200 OK 2.2 kB URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=bubanana.blogspot.com&_ss=38i832dfdk&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5eyc&_cb=_dtspv.c
IP
File type ASCII text, with no line terminators
Hash 4172e48f865ca232d142193a9933d5f5
e56ddee5ea706a5fa97e071668f5d55d9f16d874
e4e80ecf0c3ca74401897bb92794030c84bec6885a9a71a227c117a3554528bf
GET /pv/?_a=v&_h=bubanana.blogspot.com&_ss=38i832dfdk&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5eyc&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Cookie: m=1; oa=1; df=1669629290
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:51 GMT
content-type: application/javascript
x-t: 0.208
x-c: 0
expires: Mon, 28 Nov 2022 09:54:50 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOly5E7I6fI7jTGhD0QbH6J2rZHQqY6hTjMQr%2BWsivkMJMq%2FJyhmIvFWxCs8ERYuNqpUOohZZK1iwzp9BCb2XubA5SIMC5A3GcwnNWhgvQDWsGJQmq%2FF0vAmxwNoJbUE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7712397bfcdb7196-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201628
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201628
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
lh3.googleusercontent.com/a-/ACNPEu8L2DIpuukokSkkWX7lIq9h3f_KuiFRHpKVEhkzyg=s96-p
200 OK 6.9 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8L2DIpuukokSkkWX7lIq9h3f_KuiFRHpKVEhkzyg=s96-p
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 0e6840c10a7c03f6faccf41506f9e702
cdba64917a8ff85909ad598ede33ba8ba80c8e4a
f70dbc4e5a86d19472c8645f2dbb1234348235906e4289666e72c16ffed4a947
GET /a-/ACNPEu8L2DIpuukokSkkWX7lIq9h3f_KuiFRHpKVEhkzyg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v314"
expires: Tue, 29 Nov 2022 09:54:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 6859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201636
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201635
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201638
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32033)
Hash cd8176e04a5a760140a9de9ffe9d8a17
f3b4514c9df71da30eadd2d87fd6131e5c3bf7e3
601089b9e7dcd29e255c391dff1c3da64dd80bb72ee047561592d86dbbc4c472
GET /widgets/tweet_button.644279d1635fd969e87af94a98bd232b.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2201634
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 09:54:51 GMT
Etag: "126ffb93f08e989b18a6e1fc082c9e33+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F710)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13753
lh3.googleusercontent.com/p/AF1QipMaJlc0O963kaudiJs11fXiyw3-YuXSu_I0XzxV=s45-c?key=CJivgITe9c2QOA
200 OK 5.0 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMaJlc0O963kaudiJs11fXiyw3-YuXSu_I0XzxV=s45-c?key=CJivgITe9c2QOA
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash c9be33a995e3a78e6b794527f303bcbd
a390276a1d44b2f9a8c2f2e04ae775d4205e3a51
29b77a53602a4c77962548673ce19e8031269d67f885bd7f37df6dcac646ed0c
GET /p/AF1QipMaJlc0O963kaudiJs11fXiyw3-YuXSu_I0XzxV=s45-c?key=CJivgITe9c2QOA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "va67"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 4982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipPSLGdnwC-G8546KQLj4kdWKM10jOzrnFDMmCnB=s45-c?key=CMuvzsyi9qehsAE
200 OK 3.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPSLGdnwC-G8546KQLj4kdWKM10jOzrnFDMmCnB=s45-c?key=CMuvzsyi9qehsAE
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 731b88b30226d6fc9de6406610a5f53b
ced658898a8b1d73e0438722a66a244fa2e05341
937b766f134aa70d4a551dcb8889cbac6da95afe4b260370c7bbf1f5832d0c62
GET /p/AF1QipPSLGdnwC-G8546KQLj4kdWKM10jOzrnFDMmCnB=s45-c?key=CMuvzsyi9qehsAE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v9f6"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 3209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNhuv7xzbVMNOMs5ZHHVdTa-x5obcQ2CtkKgE9G=s45-c?key=CPSMy8P47ZCSbg
200 OK 6.1 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNhuv7xzbVMNOMs5ZHHVdTa-x5obcQ2CtkKgE9G=s45-c?key=CPSMy8P47ZCSbg
IP
File type PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 3fdc60ceb57163e7fbe366bf81128472
c060d7e9fe28a18ac4cc6c27d9634378f868c3d8
f9e50ab978714ca7ed94ed76f141598f3c8af538d714a0cfc6319dcf4b7a1222
GET /p/AF1QipNhuv7xzbVMNOMs5ZHHVdTa-x5obcQ2CtkKgE9G=s45-c?key=CPSMy8P47ZCSbg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2a33"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 6054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipM655mbTso1QVtAuor_wEhPO0_LhlYi1amgTt9X=s45-c?key=CKjR2b2Tl9SFDQ
200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipM655mbTso1QVtAuor_wEhPO0_LhlYi1amgTt9X=s45-c?key=CKjR2b2Tl9SFDQ
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 291165c16dfd6d0d38dcdba68ccd5814
357118b5f7fb5a7b6335f683ad62799238646baa
fc4cba4ccadd7e77685e5e25c83309465262cec0a8a5f857ec12d137e5e5e1ae
GET /p/AF1QipM655mbTso1QVtAuor_wEhPO0_LhlYi1amgTt9X=s45-c?key=CKjR2b2Tl9SFDQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3e"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 4529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOvfGnKv3nQGA5hs62-EzH0puuxTKHt7ACtGt6y=s45-c?key=COy1yIrviIa-YA
200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOvfGnKv3nQGA5hs62-EzH0puuxTKHt7ACtGt6y=s45-c?key=COy1yIrviIa-YA
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 18e2c7103e9ca2328098819244f86096
e199aa8efaf22f07a5b557a12dccb6f6c8bb3cf1
65cd06b3937d144c1989665763bb38ccd36ca8c18288908ab46e053fca3dd807
GET /p/AF1QipOvfGnKv3nQGA5hs62-EzH0puuxTKHt7ACtGt6y=s45-c?key=COy1yIrviIa-YA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v44"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 4802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipMeFtZXqtYkRnbEyluuwwvH4vVB3Qsy-yOMZD06=s45-c?key=CM_ppcS9rPGnUg
200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMeFtZXqtYkRnbEyluuwwvH4vVB3Qsy-yOMZD06=s45-c?key=CM_ppcS9rPGnUg
IP
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash c7834331a83e6e40ca040ee833f88303
45da2de01086ad81da94869ecb0b83b469184741
5e25c11a1b05af57e90ac9169b243bece6f8be81572ea3fde283331ca8001e72
GET /p/AF1QipMeFtZXqtYkRnbEyluuwwvH4vVB3Qsy-yOMZD06=s45-c?key=CM_ppcS9rPGnUg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vba"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 09:54:51 GMT
server: fife
content-length: 5062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana&cu=http%3A%2F%2Fbubanana.blogspot.com%2F
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana&cu=http%3A%2F%2Fbubanana.blogspot.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana&cu=http%3A%2F%2Fbubanana.blogspot.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291169%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291169%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291169%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:50 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 69695b600354ca94
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291162%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291162%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291162%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:50 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 11fbe4a566b1f5f0
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291165%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291165%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291165%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:51 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 3d29e5a5416c72a0
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291166%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291166%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291166%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:51 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 5eadd4be6d3d6ad1
strict-transport-security: max-age=631138519
x-response-time: 108
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291163%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291163%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291163%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:51 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 02db08de95da78ac
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291168%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291168%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291168%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:50 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 4b08e756adc42f6b
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291167%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291167%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fbubanana.blogspot.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1669629291167%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=176397b67d982dca062f0a2b3e7d3acd6cad70fa HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:54:51 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 28 Nov 2022 09:54:51 GMT
content-length: 43
x-transaction-id: 825dd915ed91536c
strict-transport-security: max-age=631138519
x-response-time: 119
x-connection-hash: 8882836162e02c98fd975c8ce69ef59f1240e8b28792bd4cf53f56c2a08e9a95
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!z9muf3y0pxqg&dn=TC&cc=1&r=
200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!z9muf3y0pxqg&dn=TC&cc=1&r=
IP
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!z9muf3y0pxqg&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Tue, 29 Nov 2022 09:54:51 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Mon, 28 Nov 2022 09:54:51 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0&t=BU%20Banana HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!z9muf3y0pxqg&lm=0&ts=1669629290762&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Mon, 28 Nov 2022 09:54:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1985572841&utmhn=bubanana.blogspot.com&utmt=event&utme=14(4670)(4671)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BU%20Banana&utmhid=1487839750&utmr=-&utmp=%2F&utmht=1669629292069&utmac=UA-29880443-1&utmcc=__utma%3D51597498.1125930400.1669629289.1669629289.1669629289.1%3B%2B__utmz%3D51597498.1669629289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1985572841&utmhn=bubanana.blogspot.com&utmt=event&utme=14(4670)(4671)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BU%20Banana&utmhid=1487839750&utmr=-&utmp=%2F&utmht=1669629292069&utmac=UA-29880443-1&utmcc=__utma%3D51597498.1125930400.1669629289.1669629289.1669629289.1%3B%2B__utmz%3D51597498.1669629289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=2&utmn=1985572841&utmhn=bubanana.blogspot.com&utmt=event&utme=14(4670)(4671)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=BU%20Banana&utmhid=1487839750&utmr=-&utmp=%2F&utmht=1669629292069&utmac=UA-29880443-1&utmcc=__utma%3D51597498.1125930400.1669629289.1669629289.1669629289.1%3B%2B__utmz%3D51597498.1669629289.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 27 Nov 2022 18:03:31 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 57081
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
dl.dropbox.com/u/93265919/efeitoimagens/blogger.js
404 Not Found 0 B URL HTTP/2 dl.dropbox.com/u/93265919/efeitoimagens/blogger.js
IP
GET /u/93265919/efeitoimagens/blogger.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
date: Mon, 28 Nov 2022 09:54:48 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: 20ae1246b3a74993a0a0f7c2d41df762
X-Firefox-Spdy: h2
dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
404 Not Found 0 B URL HTTP/2 dl.dropbox.com/u/93265919/efeitoimagens/data-post.js
IP
GET /u/93265919/efeitoimagens/data-post.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
date: Mon, 28 Nov 2022 09:54:48 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: cbdb92306958494182c25fc6d5b5b0cb
X-Firefox-Spdy: h2
www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FBuBanana&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false&appId=511225465593984
200 OK 0 B URL HTTP/2 www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FBuBanana&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false&appId=511225465593984
IP
GET /plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2FBuBanana&width=292&height=258&show_faces=true&colorscheme=light&stream=false&show_border=false&header=false&appId=511225465593984 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uKwZEjXrfruME8LzjnjUHnaV5xdOYfQmfQMOFcIRpX35HgXDwxHEy7XgkShMdtYrwzdAbYdThMs96dllYWHZQg==
date: Mon, 28 Nov 2022 09:54:50 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
89edd755-a-62cb3a1a-s-sites.googlegroups.com/site/paginblogger/numeradas/pagenav.js?attachauth=ANoY7cpg07NoT_NzZzdGTtF56v408vgLR-r5oLYGRa1uHMhI2Nj9yuPSRkbs_8MzrFRmlzswR2cOmTAANhiWcsLTeVRi_4-XFQkWmLVtphQSOVKwionStZUQ6d0IrRNwzPWK83qt8Vitx2-ERh-U8yqEGn8yOqvKcnz5ttIW8oz9hBAkiG9YQ5WXkYz5hzztuMhZyWuFytQerCG65BfrlhVSnQi42oDBN9q0koGAc4_Idd-_l9vXP0E%3D&attredirects=0
200 OK 0 B URL HTTP/2 89edd755-a-62cb3a1a-s-sites.googlegroups.com/site/paginblogger/numeradas/pagenav.js?attachauth=ANoY7cpg07NoT_NzZzdGTtF56v408vgLR-r5oLYGRa1uHMhI2Nj9yuPSRkbs_8MzrFRmlzswR2cOmTAANhiWcsLTeVRi_4-XFQkWmLVtphQSOVKwionStZUQ6d0IrRNwzPWK83qt8Vitx2-ERh-U8yqEGn8yOqvKcnz5ttIW8oz9hBAkiG9YQ5WXkYz5hzztuMhZyWuFytQerCG65BfrlhVSnQi42oDBN9q0koGAc4_Idd-_l9vXP0E%3D&attredirects=0
IP
GET /site/paginblogger/numeradas/pagenav.js?attachauth=ANoY7cpg07NoT_NzZzdGTtF56v408vgLR-r5oLYGRa1uHMhI2Nj9yuPSRkbs_8MzrFRmlzswR2cOmTAANhiWcsLTeVRi_4-XFQkWmLVtphQSOVKwionStZUQ6d0IrRNwzPWK83qt8Vitx2-ERh-U8yqEGn8yOqvKcnz5ttIW8oz9hBAkiG9YQ5WXkYz5hzztuMhZyWuFytQerCG65BfrlhVSnQi42oDBN9q0koGAc4_Idd-_l9vXP0E%3D&attredirects=0 HTTP/1.1
Host: 89edd755-a-62cb3a1a-s-sites.googlegroups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 09:54:49 GMT
last-modified: Sat, 04 Jul 2020 03:07:51 GMT
etag: "1593832071665"
content-disposition: attachment; filename="pagenav.js"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
developers.google.com/
200 OK 0 B IP
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 18:10:23 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.3663201572.1669629291; Expires=Wed, 27 Nov 2024 09:54:51 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-rStHTfhbjq0fNaUotUpu+xVQyQak66' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 92777614db579231a32d1f4c712028fc
vary: Accept-Encoding
date: Mon, 28 Nov 2022 09:54:51 GMT
server: Google Frontend
content-length: 25247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
404 Not Found 0 B URL HTTP/2 dl.dropbox.com/u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js
IP
GET /u/35784805/Mil%20Trucos%20Blogger/paginacionbloggermtb.js HTTP/1.1
Host: dl.dropbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
date: Mon, 28 Nov 2022 09:54:48 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: 6506974772dd4c3b83f2ec430d6ea60c
X-Firefox-Spdy: h2
bubanana.blogspot.com/URL-DO-ARQUIVO-SHADOWBOX.CSS
404 Not Found 0 B URL HTTP/1.1 bubanana.blogspot.com/URL-DO-ARQUIVO-SHADOWBOX.CSS
IP
Analyzer Verdict Alert fortinet Malware
GET /URL-DO-ARQUIVO-SHADOWBOX.CSS HTTP/1.1
Host: bubanana.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bubanana.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 28 Nov 2022 09:54:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 14566
Server: GSE
centralblogs.com.br/estrutura/bannerp.png
301 Moved Permanently 0 B URL HTTP/2 centralblogs.com.br/estrutura/bannerp.png
IP
GET /estrutura/bannerp.png HTTP/1.1
Host: centralblogs.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bubanana.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 28 Nov 2022 09:54:49 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Cookie
location: /wp-content/uploads/2019/08/bannerp.png
x-ac: 3.arn _atomic_ams BYPASS
X-Firefox-Spdy: h2
142.250.74.161
93.184.220.66
31.13.72.12
23.36.76.226
104.18.36.173