Overview

URLgeft-carrafour-lb.blogspot.dk/
IP 142.250.74.1 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access public lock_open
Report completed2023-03-23 13:50:15 UTC
StatusLoading report..
IDS alerts5
Blocklist alert0
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03T13:26:46Z 2023-03-29T05:09:31Z 413 5882 34.160.144.191
geft-carrafour-lb.blogspot.dk (1) 0 2023-02-17T11:48:10Z 2023-02-17T11:48:10Z 361 620 142.250.74.1
geft-carrafour-lb.blogspot.com (3) 0 2023-02-04T02:00:59Z 2023-03-23T14:50:26Z 1236 6869 142.250.74.1
ocsp.pki.goog (9) 175 2018-07-01T08:43:07Z 2023-03-29T05:09:04Z 3087 6295 142.250.74.131
www.blogger.com (2) 8975 2012-05-22T09:35:03Z 2023-03-29T07:43:42Z 835 9202 216.58.207.233
resources.blogblog.com (1) 13274 2017-01-30T05:47:40Z 2023-03-29T07:53:37Z 419 48466 216.58.207.233
r3.o.lencr.org (8) 344 2020-12-02T09:52:13Z 2023-03-29T05:09:11Z 2704 7093 95.101.11.115
firefox.settings.services.mozilla.com (2) 867 2020-06-04T22:08:41Z 2023-03-29T05:09:03Z 782 2374 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27T20:32:35Z 2023-03-29T05:09:31Z 333 391 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24T10:27:06Z 2023-03-29T05:09:32Z 606 127 52.40.182.229
lh3.googleusercontent.com (1) 66 2012-05-22T09:35:05Z 2023-03-29T05:20:57Z 463 1321 216.58.207.193
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-22T01:36:00Z 2023-03-29T05:09:12Z 3246 51689 34.120.237.76
oyeg76yhawcw1lcr.volatilewriter.com (7) 0 2022-09-17T21:56:17Z 2023-03-24T09:35:32Z 3097 141625 204.11.56.48

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2023-03-23 13:50:16 UTC low  204.11.56.48 Client IP ET INFO Observed ZeroSSL SSL/TLS Certificate 
2023-03-23 13:50:17 UTC low  204.11.56.48 Client IP ET INFO Observed ZeroSSL SSL/TLS Certificate 
2023-03-23 13:50:19 UTC low  204.11.56.48 Client IP ET INFO Observed ZeroSSL SSL/TLS Certificate 
2023-03-23 13:50:20 UTC low  204.11.56.48 Client IP ET INFO Observed ZeroSSL SSL/TLS Certificate 
2023-03-23 13:50:21 UTC low  204.11.56.48 Client IP ET INFO Observed ZeroSSL SSL/TLS Certificate 

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.1
Date UQ / IDS / BL URL IP
2023-06-06 23:24:15 UTC 0 - 0 - 1 tancotitic1988.blogspot.sg/ 142.250.74.1
2023-06-06 21:51:57 UTC 0 - 2 - 0 best-proxylist.blogspot.in/2011_09_28_archive (...) 142.250.74.1
2023-06-06 21:51:08 UTC 0 - 0 - 1 ahijjjas843.blogspot.com.cy/ 142.250.74.1
2023-06-06 21:48:12 UTC 0 - 0 - 1 kandyskynews.blogspot.com/2015/08/blog-post_8 (...) 142.250.74.1
2023-06-06 21:48:36 UTC 3 - 0 - 0 blogluyoruz.blogspot.nl/search/label/yunuslar (...) 142.250.74.1


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-06-07 01:45:25 UTC 0 - 2 - 0 www.keepingintouch.biz/~cpscom/el144/load/load.exe 34.117.168.233
2023-06-07 01:36:35 UTC 0 - 0 - 2 33e617cd-692b-49f8-ad97-8c100fabfcc7.usrfiles (...) 34.102.176.152
2023-06-07 01:34:43 UTC 0 - 0 - 2 7402bb8f-f9b8-4be9-ba8e-8aaccc0abf5a.usrfiles (...) 34.102.176.152
2023-06-07 01:34:24 UTC 0 - 0 - 2 649e1b5b-bc66-4c0d-86c0-ff377575aa52.usrfiles (...) 34.102.176.152
2023-06-07 01:34:02 UTC 0 - 0 - 2 53320da4-acec-4d69-b0fe-0c0c9bd145ea.usrfiles (...) 34.102.176.152


Last 1 reports on domain: geft-carrafour-lb.blogspot.dk
Date UQ / IDS / BL URL IP
2023-03-23 13:50:15 UTC 0 - 5 - 0 geft-carrafour-lb.blogspot.dk/ 142.250.74.1


No other reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (43)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5704
Expires: Thu, 23 Mar 2023 15:25:08 GMT
Date: Thu, 23 Mar 2023 13:50:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19597
Expires: Thu, 23 Mar 2023 19:16:41 GMT
Date: Thu, 23 Mar 2023 13:50:04 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 13:15:05 GMT
age: 2099
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4ad6984a756720fbfff47b37a75513a2
Sha1:   355e35258114452af8b9638985ed9d8ef3bf0aca
Sha256: 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7226
Expires: Thu, 23 Mar 2023 15:50:30 GMT
Date: Thu, 23 Mar 2023 13:50:04 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: AOFso67aao9Ux2Xi7No8BOKNzEUnYd2MEIxIAKMunX7e95IRxj3NXEGj664PbzeUyQefKgBDTCs=
x-amz-request-id: WCQCMBZKTYB775MB
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 12:59:58 GMT
age: 3006
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    e7bace7c1e04d44012e37ddffe36e5d5
Sha1:   3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Thu, 23 Mar 2023 13:50:04 GMT
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: geft-carrafour-lb.blogspot.dk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             142.250.74.1
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                            
Location: http://geft-carrafour-lb.blogspot.com/
Content-Encoding: gzip
Date: Thu, 23 Mar 2023 13:50:05 GMT
Expires: Thu, 23 Mar 2023 13:50:05 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 184
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   184
Md5:    1b7e4cfe2c3d6703ed178953dbe261e6
Sha1:   c847d77d9df42136899cc1daeef4ff30f6f4d983
Sha256: 9d872c48d745b2a6dc18e1e4ab87a573f9b26706a9ac94edcce7db6b1b74ba31
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 13:14:33 GMT
age: 2132
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3063
Expires: Thu, 23 Mar 2023 14:41:08 GMT
Date: Thu, 23 Mar 2023 13:50:05 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: geft-carrafour-lb.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             142.250.74.1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                            
Location: https://geft-carrafour-lb.blogspot.com/
Content-Encoding: gzip
Date: Thu, 23 Mar 2023 13:50:05 GMT
Expires: Thu, 23 Mar 2023 13:50:05 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 184
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   184
Md5:    61a2d03a0a0eb04eb9b6a9bfadacc97c
Sha1:   9d956250308d65705caead0224b0bb94851cb6c2
Sha256: 207355e11e7356d3fa32de36df50ec628b56a4d91785049fad977424d8f3f6b4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QvYv2iKzpJ+UBxB9EpAupw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             52.40.182.229
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LPAdI7Rodh1S7cyhIJQeyLDM6H4=

                                        
                                            GET / HTTP/1.1 
Host: geft-carrafour-lb.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        
                                             142.250.74.1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                            
expires: Thu, 23 Mar 2023 13:50:06 GMT
date: Thu, 23 Mar 2023 13:50:06 GMT
cache-control: private, max-age=0
last-modified: Sat, 01 Oct 2022 05:52:04 GMT
etag: W/"a5df837b0b11fda26b2323490677d170f929094192f08c093026c9138f5027dd"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3031
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5905)
Size:   3031
Md5:    7a58f88c13ac652794f9c0e647f688ce
Sha1:   7def7e38c90c4512897cbbdabcb782aefde32a1e
Sha256: 8fb6567e46c087c28faad87aff883c43b4483e7502d0836ac3d734d7f0f04e9a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: geft-carrafour-lb.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geft-carrafour-lb.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             142.250.74.1
HTTP/2 200 OK
content-type: text/javascript
                                            
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Thu, 23 Mar 2023 13:50:06 GMT
expires: Thu, 30 Mar 2023 13:50:06 GMT
cache-control: public, max-age=604800
last-modified: Wed, 22 Mar 2023 20:53:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/2504215749-css_bundle_v2_rtl.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geft-carrafour-lb.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             216.58.207.233
HTTP/2 200 OK
content-type: text/css
                                            
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 23:04:20 GMT
expires: Thu, 21 Mar 2024 23:04:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 22:54:41 GMT
vary: Accept-Encoding
age: 53146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35994)
Size:   7780
Md5:    80ce34d529819878a4a26584e8eec719
Sha1:   34e44bf7d3e11ab0ee1faf2cc5d2c7f7b9f053e2
Sha256: 625e3271a91189e54e12bd29994e693f26d45d83de700ce5e7b3db033fd1606f
                                        
                                            GET /blogblog/data/res/4268249124-indie_compiled.js HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geft-carrafour-lb.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             216.58.207.233
HTTP/2 200 OK
content-type: text/javascript
                                            
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 47754
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 13:29:06 GMT
expires: Thu, 30 Mar 2023 13:29:06 GMT
cache-control: public, max-age=604800
last-modified: Thu, 03 Sep 2020 06:22:22 GMT
vary: Accept-Encoding
age: 1260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1797)
Size:   47754
Md5:    583873badee5b48683f8fb0d4178706b
Sha1:   6e8b1b7f8070c7f63628d289fa8f1ecb8aa596da
Sha256: 8bd95cbb4bc7f95addb2758422f7900466bdd50e8b9441fca9830f5ba48561e8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35 HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geft-carrafour-lb.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             216.58.207.193
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                            
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 23 Mar 2023 13:50:06 GMT
server: fife
cache-control: private
content-length: 1007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1621), with CRLF, LF line terminators
Size:   1007
Md5:    cae7a6f541434e9aade0d1e55185ce56
Sha1:   b98946769871c1ff55726bd2383ebbe0445506a7
Sha256: b3e63bb00c1b023967ec5e128046216c3adb0fead07dea0e5eef395ff5b8f40c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Thu, 23 Mar 2023 13:50:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Thu, 23 Mar 2023 16:36:49 GMT
Date: Thu, 23 Mar 2023 13:50:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Thu, 23 Mar 2023 16:36:49 GMT
Date: Thu, 23 Mar 2023 13:50:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Thu, 23 Mar 2023 16:36:49 GMT
Date: Thu, 23 Mar 2023 13:50:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10002
Expires: Thu, 23 Mar 2023 16:36:49 GMT
Date: Thu, 23 Mar 2023 13:50:07 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 21343
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6692
Md5:    c05bfdf1411a931d8ea9adc64b07bc74
Sha1:   156ef59e53564a4f2b27002b2695fafecd578d82
Sha256: 15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 05:35:55 GMT
age: 29652
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5556
Md5:    c831201ad81f55c63c1b101ce854a810
Sha1:   0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
Sha256: c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Pv-MA9gQ4PmXuY3EWSC77_g2fn_C9-bYUQ4azcrxLNvtwY6CZZg1nA==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:55:01 GMT
age: 21306
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10284
Md5:    4e89d0b1281259e7399294fb5fa19d2b
Sha1:   5035ed41f497c97faefae9cdaf42dc07ab468557
Sha256: f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 7424
x-amzn-requestid: 9a2bd57a-40d2-4bc0-b4ca-183e9a928bdc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM-3aGPzoAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b782f-0dc56e4a7c4aaeb45b45c75b;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:50:39 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 8mTKClr9GKzzrm1TtEmMeBnOQfMLTO4dBuAO-fE4UEfV-SwrFbkjZQ==
via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 02:54:31 GMT
age: 39336
etag: "709b01a360624eceafb1876f56378824aa4936b3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7424
Md5:    05c7970e81559904d05b6e8cf693f085
Sha1:   709b01a360624eceafb1876f56378824aa4936b3
Sha256: a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 57743
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4912
Md5:    f4a771935927950222124e14b56046df
Sha1:   d07fe53e4ac41048497b2732c017f6666c3eda9e
Sha256: 4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:59:52 GMT
age: 57015
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10480
Md5:    6f0b9e85381489dcf646c251722b21d4
Sha1:   5f7ea91288a2170bcabdca6be296718c4191eacd
Sha256: 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
                                        
                                            GET / HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geft-carrafour-lb.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_DlwimcPYrVhCsMLtsGAKmpcmf9zxe8Ry4r+0KjFB+psV9NBKsuilVlB0USXCb9WVrWkBo4WdT2F6txxy9syzMQ==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63680), with CRLF, LF line terminators
Size:   95043
Md5:    c37fdda36e3345f830804e1be8555e68
Sha1:   05f2f13ea0a1f06616a08b37afac9d50badca9c2
Sha256: 6072603c672600d0b88999cfe0bae5329eb385015381e3a626b1c378a77008e4
                                        
                                            GET /px.js?ch=1 HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:10 GMT
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (346), with no line terminators
Size:   346
Md5:    f84f931c0dd37448e03f0dabf4e4ca9f
Sha1:   9c2c50edcf576453ccc07bf65668bd23c76e8663
Sha256: 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
                                        
                                            GET /px.js?ch=2 HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:10 GMT
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (346), with no line terminators
Size:   346
Md5:    f84f931c0dd37448e03f0dabf4e4ca9f
Sha1:   9c2c50edcf576453ccc07bf65668bd23c76e8663
Sha256: 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
                                        
                                            GET /__media__/js/min.js?v2.3 HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:10 GMT
Content-Length: 8435
Connection: keep-alive
Last-Modified: Thu, 16 Feb 2023 20:42:04 GMT
ETag: "20f3-5f4d73abb75da"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (8349), with CRLF line terminators
Size:   8435
Md5:    c16c3a4c0fad29106f34d00e89f6886e
Sha1:   6e11811ab8a98bb295b0916cdee68b302c33403d
Sha256: 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff
                                        
                                            GET /__media__/pics/29590/bg1.png HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:10 GMT
Content-Length: 17986
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
ETag: "4642-5ee4a7e31c9c9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data
Size:   17986
Md5:    825ccd29ac102fcadaf92b2343d5917b
Sha1:   24472e766cfac5b82a73b219796556a0a3702bd6
Sha256: 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
                                        
                                            GET /__media__/pics/28905/arrrow.png HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:10 GMT
Content-Length: 283
Connection: keep-alive
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
ETag: "11b-5d4c2ac970ed9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data
Size:   283
Md5:    80d42c82a6c37da90210fd60a2f36128
Sha1:   554ba7c84d2a27ecf3b1f29d03e62101936b54d8
Sha256: a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
                                        
                                            GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1 
Host: oyeg76yhawcw1lcr.volatilewriter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                        
                                             204.11.56.48
HTTP/1.1 200 OK
Content-Type: font/woff
                                            
Server: openresty
Date: Thu, 23 Mar 2023 13:50:10 GMT
Content-Length: 17312
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
ETag: "43a0-5b952a63ce953"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 17312, version 2.1\012- data
Size:   17312
Md5:    bebe201d813feaad85a3e66607d0da3a
Sha1:   28b049502afa8e9db5340c1a92400591b39870e8
Sha256: 58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b
                                        
                                            GET /static/v1/widgets/3855953344-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geft-carrafour-lb.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             216.58.207.233
HTTP/2 200 OK
content-type: text/javascript
                                            
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 22:29:05 GMT
expires: Thu, 21 Mar 2024 22:29:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Mar 2023 22:29:47 GMT
vary: Accept-Encoding
age: 55261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: