Overview

URLastridberges-frisbey.blogspot.fr/2011/05/2003-volkswagen-beetle-interior.html
IP 142.250.74.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 18:03:49 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (47)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
scripts.chitika.net (2) 811087 2012-05-22 08:29:28 UTC 2022-12-05 21:26:52 UTC 143.204.55.20
images02.olx.com (2) 0 2012-07-04 22:50:09 UTC 2015-10-18 23:42:08 UTC 95.101.10.145 Domain (olx.com) ranked at: 209620
www.777seo.com (1) 0 No data No data 103.224.182.251 Unknown ranking
www.besthitsnow.com (1) 0 2012-05-31 15:24:18 UTC 2022-12-06 18:03:40 UTC 5.79.79.210 Unknown ranking
images.carid.com (1) 66411 2019-10-04 08:50:12 UTC 2020-04-29 05:18:34 UTC 23.33.119.16
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.domainmarket.com (1) 697891 2012-09-11 23:21:43 UTC 2022-12-06 15:25:16 UTC 172.66.43.135
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
www.caranddriver.com (2) 50394 2012-07-30 22:51:20 UTC 2020-04-13 05:03:06 UTC 151.101.0.155
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.253.170
d38psrni17bvxu.cloudfront.net (2) 0 2022-12-04 09:43:18 UTC 2022-12-06 10:57:01 UTC 54.230.245.22 Unknown ranking
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ymads.com (1) 0 No data No data 52.73.136.17 Unknown ranking
my.blueadvertise.com (2) 0 No data No data 103.224.182.251 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-06 04:09:05 UTC 34.102.187.140
www.blogger.com (5) 8975 2012-05-22 07:35:03 UTC 2020-05-05 09:48:25 UTC 142.250.74.41
imganuncios.mitula.net (6) 165657 No data No data 54.230.111.61
ww1.besthitsnow.com (2) 0 No data No data 199.59.243.222 Unknown ranking
astridberges-frisbey.blogspot.fr (1) 0 No data No data 142.250.74.161 Unknown ranking
resources.blogblog.com (1) 13274 2018-07-01 19:33:30 UTC 2020-04-09 16:15:03 UTC 142.250.74.41
ad.ad-u.com (1) 0 No data No data 54.161.222.85 Unknown ranking
static.cargurus.com (2) 19538 2012-10-30 01:16:47 UTC 2020-04-10 07:39:31 UTC 151.101.129.176
www.usedcars.com (2) 0 No data No data 13.107.238.53 Unknown ranking
an.images.dmotorworks.com (1) 0 2015-09-30 05:24:24 UTC 2015-09-30 05:24:24 UTC 207.186.166.148 Domain (dmotorworks.com) ranked at: 169320
ww38.my.blueadvertise.com (2) 0 No data No data 75.2.11.242 Unknown ranking
play.google.com (3) 34 2018-05-12 00:28:37 UTC 2022-12-06 10:37:30 UTC 142.250.74.110
apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 142.250.74.46
www.hugedomains.com (1) 50857 2017-01-29 19:28:56 UTC 2022-12-06 04:09:46 UTC 104.26.6.37
newbeetle.org (3) 626064 No data No data 104.16.69.82
pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-12-06 10:37:04 UTC 216.58.211.2
www.google.com (2) 7 2016-03-22 03:56:07 UTC 2022-12-06 10:35:24 UTC 142.250.74.132
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-12-06 10:37:14 UTC 216.58.211.3 Domain (gstatic.com) ranked at: 540
c.parkingcrew.net (2) 70582 2017-01-29 19:17:16 UTC 2022-12-06 10:57:01 UTC 185.53.178.30
brigi-jar.com (4) 0 No data No data 35.170.174.54 Unknown ranking
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-12-06 10:35:11 UTC 142.250.74.106
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.autobase.com (1) 0 No data No data 137.192.96.253 Unknown ranking
www.sendptp.com (1) 0 2012-11-24 03:44:07 UTC 2022-12-06 18:03:40 UTC 103.224.212.220 Unknown ranking
ww38.777seo.com (2) 0 No data No data 75.2.11.242 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-06 10:35:57 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
ocsp.pki.goog (12) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
astridberges-frisbey.blogspot.com (2) 0 No data No data 142.250.74.161 Unknown ranking
ocsp.sca1b.amazontrust.com (7) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
www.carid.com (2) 43861 2018-09-11 06:58:06 UTC 2020-03-02 09:58:25 UTC 51.81.123.17
images.dealerrevs.com (1) 0 No data No data 216.119.137.98 Unknown ranking
www.olx.com (4) 913047 No data No data 95.101.10.155
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 04:09:05 UTC 34.117.237.239

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161
Date UQ / IDS / BL URL IP
2023-01-21 16:46:31 +0000 0 - 0 - 1 wytike.page.link/pQhBiPQ2o7GVemxA8 142.250.74.161
2023-01-21 16:46:26 +0000 0 - 0 - 1 defewyr.page.link/JoAeTra1xCczHZfv7 142.250.74.161
2023-01-21 16:46:19 +0000 0 - 0 - 1 dymuder.page.link/kvtDZbqxU8AkQ2dV7 142.250.74.161
2023-01-21 13:31:38 +0000 0 - 0 - 1 feqesi.page.link/365pd6duvijVApZL9 142.250.74.161
2023-01-21 13:31:24 +0000 0 - 0 - 1 raliwobe.page.link/BCJyT76QUmkH92Uy7 142.250.74.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-31 16:08:14 +0000 0 - 0 - 8 a62485f0-c4f7-46c9-bcad-f17f5702e7de.id.repl.co/ 34.149.204.188
2023-01-31 16:07:06 +0000 0 - 3 - 0 reurl.cc/ROxXND 35.185.130.121
2023-01-31 16:06:57 +0000 0 - 0 - 3 guest666game.blogspot.is/ 172.217.21.161
2023-01-31 16:01:11 +0000 0 - 0 - 0 www.google.com/url?q=https://foxygirlsw1.com/ (...) 216.58.211.4
2023-01-31 15:59:50 +0000 25 - 0 - 14 wwer3.restoredinamic.repl.co/ 34.149.204.188


Last 5 reports on domain: astridberges-frisbey.blogspot.fr
Date UQ / IDS / BL URL IP
2022-12-24 04:30:07 +0000 0 - 28 - 7 astridberges-frisbey.blogspot.fr/2011/05/prom (...) 172.217.21.161
2022-12-16 05:29:52 +0000 0 - 0 - 5 astridberges-frisbey.blogspot.fr/2011/05/sele (...) 142.250.74.161
2022-12-06 18:03:49 +0000 0 - 0 - 1 astridberges-frisbey.blogspot.fr/2011/05/2003 (...) 142.250.74.161
2022-12-03 20:49:48 +0000 0 - 0 - 4 astridberges-frisbey.blogspot.fr/2011/05/rose (...) 142.250.74.161
2022-12-01 07:34:53 +0000 0 - 0 - 4 astridberges-frisbey.blogspot.fr/2011/05/flow (...) 142.250.74.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-31 03:43:20 +0000 0 - 0 - 4 easytattoodesign.blogspot.com/2011/03/brian-d (...) 216.58.207.193
2023-01-29 02:45:10 +0000 0 - 0 - 3 aliceinwonderlandchallenge.blogspot.com/2011/ (...) 142.250.74.1
2023-01-27 01:57:02 +0000 0 - 2 - 4 clothesandstuffonline.blogspot.com/search/lab (...) 172.217.21.161
2023-01-21 03:23:39 +0000 0 - 0 - 3 easytattoodesign.blogspot.com/2011/04/hair-ta (...) 172.217.21.161
2023-01-20 10:18:36 +0000 0 - 0 - 1 cartoonnatwork.com/ 34.196.13.28

JavaScript

Executed Scripts (59)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (118)


Request Response
                                        
                                            GET /2011/05/2003-volkswagen-beetle-interior.html HTTP/1.1 
Host: astridberges-frisbey.blogspot.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://astridberges-frisbey.blogspot.com/2011/05/2003-volkswagen-beetle-interior.html
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 18:03:38 GMT
Expires: Tue, 06 Dec 2022 18:03:38 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 221
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   221
Md5:    b9c9586b008f5cf4ff7dae7405d993d0
Sha1:   17c22a50584b0f566f98b51c235ef327d70d8b7e
Sha256: a7ad9099b18fc2a379809c4c6e080ff323d833c63ecdcf3dbd19b2475f038c2e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Tue, 06 Dec 2022 20:56:33 GMT
Date: Tue, 06 Dec 2022 18:03:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 100
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 18:03:38 GMT
Last-Modified: Tue, 06 Dec 2022 18:01:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3598
Expires: Tue, 06 Dec 2022 19:03:36 GMT
Date: Tue, 06 Dec 2022 18:03:38 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 17:20:25 GMT
cache-control: public,max-age=3600
age: 2593
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: JE8b3A71CR2X64CN2I3Ck+GRkBhmoGrP15qM3uSkjEpZosclPm31/o/EjP/i2pw8XecFXi5IKfmEg8LeduWKUw==
x-amz-request-id: PBDY0HV7YDR6DNM3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 17:49:02 GMT
age: 876
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 18:03:38 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /2011/05/2003-volkswagen-beetle-interior.html HTTP/1.1 
Host: astridberges-frisbey.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Tue, 06 Dec 2022 18:03:39 GMT
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 01 Dec 2021 13:42:40 GMT
ETag: W/"5b9c0f573cd11fbf45f5caef285e787224f97121d42663ccc7140943fadd4cd7"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 19950
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (22667)
Size:   19950
Md5:    55b01f3e39c987a26d231eb9bba7244d
Sha1:   d8bbef44da660d9eee6eb19266ac0600ed877051
Sha256: a896944597f7f1ec73e1480db43dace23cfc47803aedd1270ba52ae9cfb779ce
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: astridberges-frisbey.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/2011/05/2003-volkswagen-beetle-interior.html

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:29:34 GMT
Expires: Tue, 06 Dec 2022 18:29:34 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 16:53:51 GMT
Age: 603245


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            GET /eminimalls/amm.js HTTP/1.1 
Host: scripts.chitika.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         143.204.55.20
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 167
Connection: keep-alive
Location: https://scripts.chitika.net/eminimalls/amm.js
X-Cache: Redirect from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gNE551JXuwd1P47NfrNPK0hAFdx1shk-zhcUlq3JRWOsY-z2dW8SBg==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /banner.php?ad=t1rdrm&u=ahk845&w=728&h=90 HTTP/1.1 
Host: ymads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         52.73.136.17
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 178
Connection: keep-alive
Set-Cookie: AWSALB=LFhAMRzxfLc//vDOicWE/MsR/0XSPCfZAreEkzwAE7yUColzhRx+jAAWMnzHcq64OHiUQJWS9cGn/SG40o7adTQGtnATMt3Lofjvy1GI6O2ohxhOhyBAoOjJMQt4; Expires=Tue, 13 Dec 2022 18:03:39 GMT; Path=/ AWSALBCORS=LFhAMRzxfLc//vDOicWE/MsR/0XSPCfZAreEkzwAE7yUColzhRx+jAAWMnzHcq64OHiUQJWS9cGn/SG40o7adTQGtnATMt3Lofjvy1GI6O2ohxhOhyBAoOjJMQt4; Expires=Tue, 13 Dec 2022 18:03:39 GMT; Path=/; SameSite=None
Server: nginx/1.18.0 (Ubuntu)
Location: https://www.domainmarket.com/buynow/ymads.com


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    bd2695f4b079c71dbddde3436286fb9c
Sha1:   733c05da132193d6cf1d8e242d12e2525c03bab4
Sha256: 2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 83
Cache-Control: max-age=140674
Date: Tue, 06 Dec 2022 18:03:39 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:08:13 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.41
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
age: 14516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30596)
Size:   6620
Md5:    6f46e6f68353c7911fe34f31faa1518f
Sha1:   ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
Sha256: 0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
                                        
                                            GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.41
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
age: 15574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1441)
Size:   6573
Md5:    f60e5037324bf7fd2256c16929886f09
Sha1:   aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
Sha256: 71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 17:11:20 GMT
cache-control: public,max-age=3600
age: 3139
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Tue, 06 Dec 2022 18:03:39 GMT
expires: Tue, 06 Dec 2022 18:03:39 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.41
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 156915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:43:30 GMT
expires: Wed, 06 Dec 2023 05:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 08:51:54 GMT
age: 44409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   156915
Md5:    64d62574443f9d2148012af05abf60ac
Sha1:   16fc9b9b71eb94dbfdc15da12e9b3f21dfe1636e
Sha256: c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
                                        
                                            GET /forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg HTTP/1.1 
Host: newbeetle.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         104.16.69.82
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 19:03:39 GMT
Location: https://newbeetle.org/forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg
Set-Cookie: __cf_bm=drlQa97ZCr79klrqcCqZ2L0fu5emp3pjykgTGP3Qzos-1670349819-0-AYtmjJegNb0H4bcfUaeTdx3fzsEmxmHtJJgTR6/FoBMsm91FMXRMIal7SsIhkuvsx6A404S+xACJ5PPdcMVwuW8AS4OZK80Wgf4BRv7PG187; path=/; expires=Tue, 06-Dec-22 18:33:39 GMT; domain=.newbeetle.org; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7756f0862f1c0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.41
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:02 GMT
expires: Tue, 13 Dec 2022 14:19:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
age: 13477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108788
Date: Tue, 06 Dec 2022 18:03:39 GMT
Etag: "638e81e8-1d7"
Expires: Thu, 08 Dec 2022 00:16:47 GMT
Last-Modified: Mon, 05 Dec 2022 23:42:32 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mJ1REcmQDXExE3IqJwyLMUWFz59mGdHXlw6QLiz47Ewoq0aTp7k49Q==
Age: 2055

                                        
                                            GET /ad.php HTTP/1.1 
Host: ad.ad-u.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         54.161.222.85
HTTP/1.1 302 Found
                                        
content-length: 0
date: Tue, 06 Dec 2022 18:03:39 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=ad-u.com

                                        
                                            GET /2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg HTTP/1.1 
Host: imganuncios.mitula.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         54.230.111.61
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 167
Connection: keep-alive
Location: https://imganuncios.mitula.net/2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Yif9_pqMNh757sYiy336sd9kzdSxfweC6aSM9Ho7tcm1NHOpbCijiA==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg HTTP/1.1 
Host: imganuncios.mitula.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         54.230.111.61
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 167
Connection: keep-alive
Location: https://imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4PTJ_3GKB_THL6rzagvzmZEZgT6MvIraxwR_49gB13gvM214wFTu7g==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg HTTP/1.1 
Host: imganuncios.mitula.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         54.230.111.61
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 167
Connection: keep-alive
Location: https://imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tP7zBooxwIe9uM81zUieCgW8o--OQx5SnF5AVf6WFLN6rHih9EpEsA==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /ui/1/30/65/3872565_1.jpg HTTP/1.1 
Host: images02.olx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         95.101.10.145
HTTP/1.1 302 Moved Temporarily
                                        
Server: AkamaiGHost
Content-Length: 0
Location: http://www.olx.com/ui/1/30/65/3872565_1.jpg
Expires: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:39 GMT
Connection: keep-alive

                                        
                                            GET /eminimalls/amm.js HTTP/1.1 
Host: scripts.chitika.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.20
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 0
last-modified: Fri, 19 Apr 2019 16:37:52 GMT
server: AmazonS3
date: Tue, 06 Dec 2022 04:27:01 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LJPhDktVzXYG9lAp4UKzRLIf3DGB68r2rEhVVz5JOHgjgEIwL_kQvw==
age: 48999
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2417
Cache-Control: max-age=171090
Date: Tue, 06 Dec 2022 18:03:39 GMT
Etag: "638f73dc-117"
Expires: Thu, 08 Dec 2022 17:35:09 GMT
Last-Modified: Tue, 06 Dec 2022 16:54:52 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg HTTP/1.1 
Host: static.cargurus.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         151.101.129.176
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://static.cargurus.com/images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg
Accept-Ranges: bytes
Date: Tue, 06 Dec 2022 18:03:39 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1659-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1670349820.944052,VS0,VE0
Access-Control-Allow-Origin: *

                                        
                                            GET /imageserver/inventory/500x375/100A13/2769802643.jpg HTTP/1.1 
Host: www.usedcars.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         13.107.238.53
HTTP/1.1 301 Moved Permanently
                                        
Location: https://www.usedcars.com/imageserver/inventory/500x375/100A13/2769802643.jpg
X-Azure-Ref: 0+4OPYwAAAAD7xLfuUn7kRJ1q4UzMQMKKU1ZHMjBFREdFMDYxNgBmOTNlMzM4Mi00M2Y5LTQ5MmItODY3My1hOTQ4M2FkYzAwOGU=
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 0

                                        
                                            GET /var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg HTTP/1.1 
Host: www.caranddriver.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         151.101.0.155
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://www.caranddriver.com/var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg
Accept-Ranges: bytes
Date: Tue, 06 Dec 2022 18:03:39 GMT
X-Cache: HIT
set-cookie: geo_continent_code=EU; path=/ geo_country_code=NO; path=/ geo_postal_code=0168; path=/ location_data={"country_code":"NO","postal_code":"0168"}; path=/;
Strict-Transport-Security: max-age=31557600
geo-city: oslo
geo-continent-code: EU
geo-postal-code: 0168
x-country: NO
Link: <https://googletagservices.com>; rel=preconnect, <https://api.backfires.caranddriver.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://cdn.optimizely.com>; rel=preconnect, <https://adservice.google.com>; rel=preconnect, <https://connect.facebook.net>; rel=preconnect, <https://logx.optimizely.com>; rel=preconnect, <https://www.facebook.com>; rel=preconnect, <https://h.nexac.com>; rel=preconnect, <https://gtrk.s3.amazonaws.com>; rel=preconnect, <https://graph.facebook.com>; rel=preconnect, <https://hips.hearstapps.com>; rel=preconnect, <https://nexus.ensighten.com>; rel=preconnect, <https://www.google-analytics.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect, <https://stats.g.doubleclick.net>; rel=preconnect, <https://www.google.com>; rel=preconnect, <https://tpc.googlesyndication.com>; rel=preconnect, <https://fonts.googleapis.com>; rel=preconnect, <https://img.vast.com>; rel=preconnect, <https://z.moatads.com>; rel=preconnect
X-Robots-Tag: all
Cache-Control: max-age=0, must-revalidate, private

                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:07 GMT
expires: Wed, 06 Dec 2023 13:44:07 GMT
cache-control: public, max-age=31536000
age: 15572
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57794
Md5:    813b15c3004464f6bd39fd0773b04757
Sha1:   bd2218fe1e647f61132aad70d29cd91fd0416f26
Sha256: 446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         216.58.211.2
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 19:51:21 GMT
Expires: Mon, 19 Dec 2022 19:51:21 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 79939


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m9I64lfkzewDChcXJVnz8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.253.170
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BaxCiwiIIzRkVdueTRJDWi8X4hY=

                                        
                                            GET /dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362 HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.41
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Dec 2022 18:03:39 GMT
last-modified: Tue, 06 Dec 2022 18:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   21
Md5:    a62e4d501434033d5d177e67d3aafdd0
Sha1:   34f7300c9ed47334cf10826d57af785321e3138b
Sha256: b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127961
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638ebfc7-1d7"
Expires: Thu, 08 Dec 2022 05:36:21 GMT
Last-Modified: Tue, 06 Dec 2022 04:06:31 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R6DS1axAakfAGHeGtetT3fqzcT5x2ugsM42FPN3x0x7kW3zyGRYZvg==
Age: 5391

                                        
                                            GET /images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg HTTP/1.1 
Host: www.carid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         51.81.123.17
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: openresty
Date: Tue, 06 Dec 2022 18:03:40 GMT
Content-Length: 166
Connection: keep-alive
Location: https://www.carid.com/images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   166
Md5:    3ea1c8d079b38532a6e01a96216ba5e2
Sha1:   598d3ff91d3e252f1e13df8cf0348b270ff2da3f
Sha256: 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=119012
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638eb1e0-116"
Expires: Thu, 08 Dec 2022 03:07:12 GMT
Last-Modified: Tue, 06 Dec 2022 03:07:12 GMT
Server: nginx
Content-Length: 278

                                        
                                            GET /images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg HTTP/1.1 
Host: static.cargurus.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.129.176
HTTP/2 200 OK
content-type: image/jpeg
                                        
x-amz-id-2: As2Ae20iZvwIsAFeM3hT2hQEb/7o+wc6fhRv4cybM2AG+FxQ4xy2EilRwNK2JnNp03dxvfi1g3Om+UIaQ/0u0A==
x-amz-request-id: GDP3EMJ91DSWV5WG
last-modified: Wed, 08 Sep 2010 15:18:03 GMT
etag: "11cea7ada0ec3692579299eb01584049"
cache-control: max-age=630720000
x-amz-meta-md5-hash: 11cea7ada0ec3692579299eb01584049
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Dec 2022 18:03:40 GMT
age: 329692
x-served-by: cache-iad-kiad7000078-IAD, cache-bma1641-BMA
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-timer: S1670349820.097302,VS0,VE91
access-control-allow-origin: *
content-length: 25129
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x315, components 3\012- data
Size:   25129
Md5:    11cea7ada0ec3692579299eb01584049
Sha1:   95c0d333e5eb5e60cb78758896a826939a9e5f65
Sha256: 6a13d46a9f02ffac3d01972482a986b69fb14bbe5b9e0c5355dad5f689915fa0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1783
Cache-Control: max-age=141293
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638f01f2-118"
Expires: Thu, 08 Dec 2022 09:18:33 GMT
Last-Modified: Tue, 06 Dec 2022 08:48:50 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /pictures/45639850.jpg HTTP/1.1 
Host: images.dealerrevs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         216.119.137.98
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.2
Date: Tue, 06 Dec 2022 18:03:40 GMT
Content-Length: 22592
Last-Modified: Tue, 22 Feb 2011 00:31:52 GMT
Connection: keep-alive
ETag: "4d6303f8-5840"
Expires: Mon, 06 Mar 2023 18:03:40 GMT
Cache-Control: max-age=7776000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x360, components 3\012- data
Size:   22592
Md5:    f9f0d95bb7bbfd2b5d314c032ac03e09
Sha1:   d0e0fc2250f0522b9794fac1ab3d26c2f4a492ae
Sha256: 628b9646cf4ad87f2f7bf9bdb04732e8428fa8492b997680e75c9be3ce748cfd
                                        
                                            GET /ui/1/30/65/3872565_1.jpg HTTP/1.1 
Host: www.olx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive

search
                                         95.101.10.155
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Content-Length: 162
Location: https://www.olx.com/ui/1/30/65/3872565_1.jpg
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97147
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e4b49-1d7"
Expires: Wed, 07 Dec 2022 21:02:47 GMT
Last-Modified: Mon, 05 Dec 2022 19:49:29 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m10w1vqGNIYAcvDBjj-KfmDOsvbL4C4jTro9xo5NmgqOK1ij3fnVLg==
Age: 4398

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=106040
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e7f34-1d7"
Expires: Wed, 07 Dec 2022 23:31:00 GMT
Last-Modified: Mon, 05 Dec 2022 23:31:00 GMT
Server: nginx
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96124
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e4b49-1d7"
Expires: Wed, 07 Dec 2022 20:45:44 GMT
Last-Modified: Mon, 05 Dec 2022 19:49:29 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: --8NJFe-Myq4ef1TbgLgjgAk58v5E0Z0NBpV6fxGonCv0NcsitQ7Ow==
Age: 3375

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97568
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e4b49-1d7"
Expires: Wed, 07 Dec 2022 21:09:48 GMT
Last-Modified: Mon, 05 Dec 2022 19:49:29 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ccII4aDTCGdALi4lwa7wiD24yNQBM-jfrW7s0QgCPiaL4GgwCgsTjA==
Age: 4819

                                        
                                            GET /ui/1/30/65/3872565_1.jpg HTTP/1.1 
Host: www.olx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Content-Length: 146
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            GET /ui/1/30/65/3872565_1.jpg HTTP/1.1 
Host: images02.olx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         95.101.10.145
HTTP/1.1 302 Moved Temporarily
                                        
Server: AkamaiGHost
Content-Length: 0
Location: http://www.olx.com/ui/1/30/65/3872565_1.jpg
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=126215
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638ece03-2d7"
Expires: Thu, 08 Dec 2022 05:07:15 GMT
Last-Modified: Tue, 06 Dec 2022 05:07:15 GMT
Server: nginx
Content-Length: 727

                                        
                                            GET /photos/00640/1091/10918150_001.jpg HTTP/1.1 
Host: www.autobase.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         137.192.96.253
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 1245


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1245
Md5:    5343c1a8b203c162a3bf3870d9f50fd4
Sha1:   04b5b886c20d88b57eea6d8ff882624a4ac1e51d
Sha256: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
                                        
                                            GET /var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg HTTP/1.1 
Host: www.caranddriver.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.0.155
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:;
etag: "qqx8tkaxpf3k66"
expires: Tue, 06 Dec 2022 18:03:40 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr-site: 0
x-xss-protection: 1; mode=block
accept-ranges: bytes
age: 0
date: Tue, 06 Dec 2022 18:03:40 GMT
x-cache: MISS, MISS
vary: X-Arb, X-GDPR, X-ADSFREE, Accept-Encoding
set-cookie: _perhip=; expires=Mon, 06 Dec 2021 18:03:40 GMT; path=/; _HFID=; httponly; expires=Mon, 06 Dec 2021 18:03:40 GMT; secure; path=/; _HFID=; expires=Mon, 06 Dec 2021 18:03:40 GMT; secure; path=/; location_data={"country_code":"NO","postal_code":"0168"}; path=/;
strict-transport-security: max-age=31557600
geo-city: oslo
geo-continent-code: EU
geo-postal-code: 0168
x-country: NO
link: <https://googletagservices.com>; rel=preconnect, <https://api.backfires.caranddriver.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://cdn.optimizely.com>; rel=preconnect, <https://adservice.google.com>; rel=preconnect, <https://connect.facebook.net>; rel=preconnect, <https://logx.optimizely.com>; rel=preconnect, <https://www.facebook.com>; rel=preconnect, <https://h.nexac.com>; rel=preconnect, <https://gtrk.s3.amazonaws.com>; rel=preconnect, <https://graph.facebook.com>; rel=preconnect, <https://hips.hearstapps.com>; rel=preconnect, <https://nexus.ensighten.com>; rel=preconnect, <https://www.google-analytics.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect, <https://stats.g.doubleclick.net>; rel=preconnect, <https://www.google.com>; rel=preconnect, <https://tpc.googlesyndication.com>; rel=preconnect, <https://fonts.googleapis.com>; rel=preconnect, <https://img.vast.com>; rel=preconnect, <https://z.moatads.com>; rel=preconnect
x-robots-tag: all
cache-control: max-age=0, must-revalidate, private
content-length: 37895
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size:   37895
Md5:    504ecf926220dc5fbd4b1fc546c1b695
Sha1:   39167ae6713a4500a5011f13a74ea4a0768fe6a2
Sha256: 2bc3d3a8bdd0885c44a43b04560996cadfb666bfd4b273b51a0fd955ee32fa8e
                                        
                                            GET /ui/1/30/65/3872565_1.jpg HTTP/1.1 
Host: www.olx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive

search
                                         95.101.10.155
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Content-Length: 162
Location: https://www.olx.com/ui/1/30/65/3872565_1.jpg
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /img/logo-16.png HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         142.250.74.41
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 07:09:35 GMT
Expires: Tue, 13 Dec 2022 07:09:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 06:50:28 GMT
Age: 39245


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   279
Md5:    5ffecab6c722bb0adc3fce8d83b27993
Sha1:   0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
Sha256: cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
                                        
                                            GET /ui/1/30/65/3872565_1.jpg HTTP/1.1 
Host: www.olx.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.10.155
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Content-Length: 146
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=119012
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638eb1e0-116"
Expires: Thu, 08 Dec 2022 03:07:12 GMT
Last-Modified: Tue, 06 Dec 2022 03:07:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg HTTP/1.1 
Host: www.carid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         51.81.123.17
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: openresty
date: Tue, 06 Dec 2022 18:03:40 GMT
content-length: 162
location: https://images.carid.com/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /20110419/RP2510/3M402364_01.jpg HTTP/1.1 
Host: an.images.dmotorworks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/

search
                                         207.186.166.148
HTTP/1.1 404 Not Found
Content-Type: text/html;charset=utf-8
                                        
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache
Content-Length: 1054
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054), with no line terminators
Size:   1054
Md5:    498917457e83b28413b39a6eedd818e4
Sha1:   9a5cde09f774554e83249ea2a3aaf050e593aaec
Sha256: 7991984577e2c644d581a6059c897623b291b4b8cba7de5b33c535467469b5ec
                                        
                                            GET /seo.php?username=billymoon HTTP/1.1 
Host: www.777seo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         103.224.182.251
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349820.4176922; expires=Fri, 03-Dec-2032 18:03:40 GMT; Max-Age=315360000
Location: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1
Content-Length: 0
Connection: close

                                        
                                            GET /__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz HTTP/1.1 
Host: my.blueadvertise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         103.224.182.251
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349820.5863774; expires=Fri, 03-Dec-2032 18:03:40 GMT; Max-Age=315360000
Location: http://ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221207-0503-4070-8f6f-e94598aa028a
Content-Length: 0
Connection: close

                                        
                                            GET /__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM= HTTP/1.1 
Host: my.blueadvertise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         103.224.182.251
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349820.5312045; expires=Fri, 03-Dec-2032 18:03:40 GMT; Max-Age=315360000
Location: http://ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=&subid1=20221207-0503-4011-897a-f9c61e9daa7c
Content-Length: 0
Connection: close

                                        
                                            GET /b1.php?id=billymoon HTTP/1.1 
Host: www.besthitsnow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         5.79.79.210
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 06 Dec 2022 18:03:40 GMT
location: http://ww1.besthitsnow.com
server: nginx
set-cookie: sid=504a9c10-7590-11ed-89c3-df3b5ab7f5fa; path=/; domain=.besthitsnow.com; expires=Sun, 24 Dec 2090 21:17:47 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Tue, 06 Dec 2022 18:03:40 GMT
date: Tue, 06 Dec 2022 18:03:40 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1034), with no line terminators
Size:   665
Md5:    34e37af4d526255a20a2056cd5f4addf
Sha1:   bcac186d6a49539e69a3f67aa08d0188966f5623
Sha256: 51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
                                        
                                            GET /attachments/barbie_nb_interior_large-jpg.60022/ HTTP/1.1 
Host: newbeetle.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Cookie: __cf_bm=_ftRqcgcX73TFTtF7fi4U.XcSSZPJmvlVym4JFMh34c-1670349820-0-AR874Jqgs+uft5A8VJ6uxJptb0LPD0fvGIP0B7x5kAzmpEiPKjDQ6baLGvT2lcE87YcF5mzthL6+vNc+MQU9KXt6j4/QpJvbZjf+XCp9MsFb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.69.82
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
date: Tue, 06 Dec 2022 18:03:40 GMT
location: https://www.newbeetle.org/attachments/barbie_nb_interior_large-jpg.60022/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 06 Dec 2022 18:03:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
x-cluster-node: xenforo-91717439-7cf8bc8689-6m8hk
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 53
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_sidebarMiddleAd9010=1; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly experiment_sidebarMiddleAd9010=sidebarMiddleAdExp; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7756f08a9c13b518-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.3
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 11:03:19 GMT
expires: Wed, 06 Dec 2023 11:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 25222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: ww1.besthitsnow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: openresty
Date: Tue, 06 Dec 2022 18:03:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=4570dc9e-6547-b14d-cd6c-f693ad5d476b; expires=Tue, 06-Dec-2022 18:18:41 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_LJ3iEuT62c0exEmL/g6EUprxMqAfQgm/pDeQqE/mJH2UigX+HkVuIctdJYr1UDPn+14zvQVNUDRXBJDDKCk9rA==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1508), with no line terminators
Size:   1074
Md5:    cf4dc6862ed8f0137aa1cc57d0c4220b
Sha1:   7cbdc096a5019113ef7edc722d1fa25300a129a1
Sha256: 7ba06a0562cdd0c41397bf86e7d7c700c9521a6c0a60ee42d1db1704c7e77736
                                        
                                            GET /imageserver/inventory/500x375/100A13/2769802643.jpg HTTP/1.1 
Host: www.usedcars.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         13.107.238.53
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
cache-control: public, max-age=31536000, s-maxage=31536000
content-encoding: gzip
etag: "1ddc-+Nqv7NzdN1zpRQ3cpd3pVCYxV4I"
vary: Accept-Encoding
request-context: appId=cid-v1:d191015c-c8f6-4ee6-9fc1-09d3f95eb7a1
strict-transport-security: max-age=63072000
x-frame-options: DENY
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1
x-powered-by: Next.js
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/IOPYwAAAAA3621kS6PPS4cD9ynSrS+GU1ZHMjBFREdFMDUxOABmOTNlMzM4Mi00M2Y5LTQ5MmItODY3My1hOTQ4M2FkYzAwOGU=
date: Tue, 06 Dec 2022 18:03:40 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2638)
Size:   8647
Md5:    6220372b0984ac0431498d38f855a559
Sha1:   15305ab9d24461ea6b83553de09df5d23d953bf2
Sha256: afac52920ac4be94b7e158290a6aaa28032a5e7bdfe2ac58e4ffa5a2cda3ac38
                                        
                                            GET /__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=&subid1=20221207-0503-4011-897a-f9c61e9daa7c HTTP/1.1 
Host: ww38.my.blueadvertise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         75.2.11.242
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_PXS7GTKlQMXHMjf1EzBebYrurcrTSp3dd6FW0vTYQTDcfBglbIpNwdLILOrsbaDGuuFUc48OjRYhGilpJkt8UA==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2655)
Size:   5966
Md5:    0c5dca03b8df38e88086c8413061fd3b
Sha1:   f834424032eaaedc8f496f78868a25e147e116d6
Sha256: 67bcf84659b770dddd5efc21d90c1894ad4da2328d240e35fa5252f04817a043
                                        
                                            GET /__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221207-0503-4070-8f6f-e94598aa028a HTTP/1.1 
Host: ww38.my.blueadvertise.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         75.2.11.242
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hAA240BjS2KKy4spJ6Zu+eQRLWuCvM3rGFbm6OdRniHFoS+deC6xte47PAzEoE4n6zmpiDsBu2uOmWmDvh1AJQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2655)
Size:   5968
Md5:    126b38b5a97c4eb727bbbec4ef67eb78
Sha1:   8c6415b71043730aad59b98629351877240eba10
Sha256: 465d24a75854010fb22b5baae5b36fb3d1faa2c307995afb9bf2d98dbc34c454
                                        
                                            GET /sbanner.php?u=billymoon HTTP/1.1 
Host: www.sendptp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         103.224.212.220
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349821.6433966; expires=Fri, 03-Dec-2032 18:03:41 GMT; Max-Age=315360000
Location: http://ww38.sendptp.com/sbanner.php?u=billymoon
Content-Length: 0
Connection: close

                                        
                                            GET /Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg HTTP/1.1 
Host: images.carid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.33.119.16
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
x-powered-by: PHP/7.2.27
content-length: 0
date: Tue, 06 Dec 2022 18:03:41 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /scripts/maincaf.js HTTP/1.1 
Host: d38psrni17bvxu.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/

search
                                         54.230.245.22
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Tue, 06 Dec 2022 02:41:52 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GF5U73j51n9CXLaNIfEa6wEbkZx6l25bR27K3uM1NoXO2r968dPz2g==
Age: 55309


--- Additional Info ---
Magic:  ASCII text, with very long lines (316)
Size:   7006
Md5:    3c7567521347bf95b105ffa7fdc7da86
Sha1:   08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
Sha256: 0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/parking.2.100.2.js HTTP/1.1 
Host: ww1.besthitsnow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.besthitsnow.com/

search
                                         199.59.243.222
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: openresty
Date: Tue, 06 Dec 2022 18:03:41 GMT
Last-Modified: Mon, 14 Nov 2022 17:46:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   22285
Md5:    239c79e8ead12ade233b4b98f3a1d68d
Sha1:   ebb33fbc73ffa07c517270874bef61576c7aecf6
Sha256: 148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/

search
                                         142.250.74.132
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 06 Dec 2022 18:03:41 GMT
Expires: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: private, max-age=3600
ETag: "3609449013642164181"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (1885)
Size:   53487
Md5:    38bab3c6ccb019bd62d64142d7e19d90
Sha1:   4d8aaf07a19e2a86a9566ba9b3fe6ddd32b8f386
Sha256: 05c93a63c1af05afd643d5fdb4cc4c899a162d21c87d407130f7aa81b9bd546f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive

                                        
                                            GET /scripts/sale_form.js HTTP/1.1 
Host: c.parkingcrew.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/

search
                                         185.53.178.30
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   761
Md5:    64f809e06446647e192fce8d1ec34e09
Sha1:   5b7ced07da42e205067afa88615317a277a4a82c
Sha256: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   53983
Md5:    c8da8f4615d128fcd920e9665e609fbf
Sha1:   93c0d6987aad541ab3453abbae2c5bc4517704e9
Sha256: 6a7796de7652eee0e7aa6becc59962c98e3b642eacef71adccae231f2d07185d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 03:41:05 GMT
age: 51756
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12830
Md5:    5d72fb8d20c29763234c2817b119d11b
Sha1:   d4924ec714f5157bcb2fddcb5f768188a3dd37dc
Sha256: e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWcuXixVA50JUynSO7ar3nWfjsTa5iOteSYq88bWPlQvz__1qfv7Uw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 73312
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11469
Md5:    5529617b0748f2d8c82ef99c1ac116a8
Sha1:   a862b74508113ae72b56b9b3de0c75ba559b9032
Sha256: 376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 72919
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 71653
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 72560
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11175
Md5:    38b97436af942d5eb1111ca7043259a0
Sha1:   0234fe32c84c4711f0619714f3ac6d3db1b717d3
Sha256: a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 72580
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10594
Md5:    7e1b54923ba506fde6b21c5bfb51ccc8
Sha1:   366aa3ab0790c496ea51bc08d1f2ff3358530d9e
Sha256: a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
                                        
                                            GET /themes/cleanPeppermintBlack_657d9013/img/bottom.png HTTP/1.1 
Host: d38psrni17bvxu.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/

search
                                         54.230.245.22
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 3359
Connection: keep-alive
Server: nginx
Date: Mon, 05 Dec 2022 18:03:49 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-d1f"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: btYiSvHGk4bB_AhsWINEqsnJ7S21OQtMPVeTLmC7Mq7C9S9DwHR_IQ==
Age: 86392


--- Additional Info ---
Magic:  PNG image data, 459 x 156, 8-bit colormap, non-interlaced\012- data
Size:   3359
Md5:    8f00618489c9024bc741a161effb2e32
Sha1:   7e3146cfd561806169d6201b01ccbe37a256dfc5
Sha256: ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
date: Tue, 06 Dec 2022 18:03:41 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+081; expires=Thu, 05-Dec-2024 18:03:41 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 18:03:41 GMT
cache-control: private
X-Firefox-Spdy: h2

                                        
                                            POST /log?format=json&hasfast=true HTTP/1.1 
Host: play.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1527
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-encoding: gzip
date: Tue, 06 Dec 2022 18:03:41 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=8.SE=cM6_cCTbeT_liFhIm6beyUqo-aM3oleGRWvDv2jUXz9pluBBaw13izmnEiuzeN_qf1EINKq5bI-ytx5KYR7Uio2qjttNvPu1MWqCR1raCbiT7ihSzd8V9BetM_M7FCtDPIxX3ai6Opx625fLCBSF0yAwINeqsKbiPmKibbZU_48; expires=Sat, 06-Jan-2024 10:21:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax CONSENT=PENDING+085; expires=Thu, 05-Dec-2024 18:03:41 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 18:03:41 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    babb6f090aeebc6f421624475b4aefff
Sha1:   06079b7547949822c118224e51604f4c5ebf80c8
Sha256: b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
                                        
                                            POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-encoding: gzip
date: Tue, 06 Dec 2022 18:03:41 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=Nb2dcxFz1tk3ZnFMj2Nw5fOwh9oJp0tYovppeAVegBGGO8hb-kfHTbsT18vzQDzbt_YzVIt0Ud4bzxh_q215t5CH5hGCthubhztVtlXXLDBo5rwZip4jO7VyoV-NbGGqCM8Sg8UE-XqZNeGh6J6OxCk8OfCniJ5Rs_qE3g_vINk; expires=Wed, 07-Jun-2023 18:03:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=PENDING+953; expires=Thu, 05-Dec-2024 18:03:41 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 18:03:41 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   131
Md5:    babb6f090aeebc6f421624475b4aefff
Sha1:   06079b7547949822c118224e51604f4c5ebf80c8
Sha256: b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
                                        
                                            GET /seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1&_xafvr=ZjNhNjkzYjAyZWFhZjU1NjcyMTdlODlhYmE4OWRjOTQ1ZThlNmRmOCw2MzhmODNmZDFkZDFh HTTP/1.1 
Host: ww38.777seo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1
Upgrade-Insecure-Requests: 1

search
                                         75.2.11.242
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   2742
Md5:    f3b93edc55c615ac9c469d5cecc1df17
Sha1:   46ed8f6872f64259e131e40569dc1169bcd44041
Sha256: 3c327432d66df6eedcbb132b5e75430724f7096a6bd370bfc9f4c647b38d86e7
                                        
                                            GET /scripts/sale_form.js HTTP/1.1 
Host: c.parkingcrew.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/

search
                                         185.53.178.30
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   761
Md5:    64f809e06446647e192fce8d1ec34e09
Sha1:   5b7ced07da42e205067afa88615317a277a4a82c
Sha256: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ww38.777seo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1&_xafvr=ZjNhNjkzYjAyZWFhZjU1NjcyMTdlODlhYmE4OWRjOTQ1ZThlNmRmOCw2MzhmODNmZDFkZDFh

search
                                         75.2.11.242
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110490
Date: Tue, 06 Dec 2022 18:03:42 GMT
Etag: "638e7b07-1d7"
Expires: Thu, 08 Dec 2022 00:45:12 GMT
Last-Modified: Mon, 05 Dec 2022 23:13:11 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sTX9s9UH0QbCj4mZBv5TwVEmeHR1RTLCYPzqPKxrTZdLN4xNhWfZYw==
Age: 5521

                                        
                                            GET /lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1 
Host: brigi-jar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww38.777seo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.170.174.54
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Tue, 06 Dec 2022 18:03:42 GMT
content-length: 10723
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1924)
Size:   10723
Md5:    70a7f3c15d8721076d0bce1c5d4e131c
Sha1:   006dbc4b2a3747c49e7a99ad4ce616e207ae85f5
Sha256: 2b02b8a9ecb05d082a730a315548df83eb24e1a656518ace732c62edc820fc04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 18:03:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /main.js HTTP/1.1 
Host: brigi-jar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.170.174.54
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 06 Dec 2022 18:03:42 GMT
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   480
Md5:    91558066fecbfc1f6f77842f6aa85a6c
Sha1:   6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
Sha256: efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed
                                        
                                            GET /style.css HTTP/1.1 
Host: brigi-jar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.170.174.54
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 06 Dec 2022 18:03:42 GMT
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5981
Md5:    2eb024ad11ef5f2e503bfb60117c25d8
Sha1:   235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
Sha256: d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a
                                        
                                            GET /css?family=Poppins:300 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 18:03:42 GMT
date: Tue, 06 Dec 2022 18:03:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /empty.gif HTTP/1.1 
Host: brigi-jar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.170.174.54
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 06 Dec 2022 18:03:43 GMT
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /domain_profile.cfm?d=ad-u.com HTTP/1.1 
Host: www.hugedomains.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.6.37
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 06 Dec 2022 18:03:40 GMT
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Fri, 01-Dec-2023 18:03:40 GMT; path=/ site_version=HDv3; expires=Fri, 01-Dec-2023 18:03:40 GMT; path=/ captcha-tracker=; expires=Mon, 05-Dec-2022 18:03:40 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM6uPa7J%2BQcE9sJGCkxb3b9IEoDqgh5mgD0N0Z6YN2FNU8Josbjgj6UGfPtIcI2B70eRE8RtPrzrkhiPnCpBIagU67J5wDuiAo2VdzsUj849dBX9zmhFQ97r4%2FsfKOngc9S4lYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7756f08869870b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1467), with CRLF, LF line terminators
Size:   2985
Md5:    36097c614bb25d9a3eda25662dd94cee
Sha1:   eadb90e9fadb1ec70a4122e2a34e5b8a5218130f
Sha256: f38fcc0fadb7cf16f33b55193d4de2e16637e8f722afb6943c8764f1c444e512
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brigi-jar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 513293
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   8151
Md5:    5c298f1563a3daf0901b0caedffd30fe
Sha1:   42aeefcb01cff04e65fb57ead0c98f240d303f59
Sha256: 7586f2286a2ca1802951681f2e0b7493037031c8d149bc65cfeb0d6d06ccc46e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107950
Date: Tue, 06 Dec 2022 18:03:43 GMT
Etag: "638e81fb-1d7"
Expires: Thu, 08 Dec 2022 00:02:53 GMT
Last-Modified: Mon, 05 Dec 2022 23:42:51 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eN76IH-GH5O-HUoUzfgxXbEnDrCH-sbG27P5-F1L1Ag7zcBvLo-Ncw==
Age: 1202

                                        
                                            GET /css?family=Poppins HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 18:03:42 GMT
date: Tue, 06 Dec 2022 18:03:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   24807
Md5:    9b515faff9f2b01db4f92f6f8c843a47
Sha1:   a34e8b0be8fa5f6d7d178feeac70b9be9fa204f8
Sha256: a37e145535935b18b4cf23ca791db97e2e08b1b296c11ddff7d85c0cdfd661bc
                                        
                                            GET /forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg HTTP/1.1 
Host: newbeetle.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.69.82
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
date: Tue, 06 Dec 2022 18:03:40 GMT
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 06 Dec 2022 18:03:40 GMT
location: /attachments/barbie_nb_interior_large-jpg.60022/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
x-cluster-node: xenforo-91717439-7cf8bc8689-l6vrw
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 188
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_sidebarMiddleAd9010=1; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly experiment_sidebarMiddleAd9010=sidebarMiddleAdExp; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly xf_csrf=Z8eHxr_Qt99m0cxh; path=/; secure __cf_bm=_ftRqcgcX73TFTtF7fi4U.XcSSZPJmvlVym4JFMh34c-1670349820-0-AR874Jqgs+uft5A8VJ6uxJptb0LPD0fvGIP0B7x5kAzmpEiPKjDQ6baLGvT2lcE87YcF5mzthL6+vNc+MQU9KXt6j4/QpJvbZjf+XCp9MsFb; path=/; expires=Tue, 06-Dec-22 18:33:40 GMT; domain=.newbeetle.org; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7756f08838b4b518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /buynow/ymads.com HTTP/1.1 
Host: www.domainmarket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.66.43.135
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 06 Dec 2022 18:03:40 GMT
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 06 Dec 2022 09:47:06 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEL0siXkE4cevdTpEqNrIqn6h0uYy9Ou%2FZcVvwHys9mgeIGiyriXDAJE2oEzXLSZf4zewpPquJIjZRQlJ73heOFK%2B%2BSAgDclfD12QHZ3YzAyLV4%2Bwwd7c5teb2xgLfu%2FUZQC3Db5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7756f086fed0b518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg HTTP/1.1 
Host: imganuncios.mitula.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.61
HTTP/2 403 Forbidden
content-type: application/xml
                                        
date: Tue, 06 Dec 2022 18:03:39 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L_-Wv6a_mDDs4aC8lMltY5W4xfVJQhKCEzn3-jlKK-UccFy6fUgJtg==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg HTTP/1.1 
Host: imganuncios.mitula.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.61
HTTP/2 403 Forbidden
content-type: application/xml
                                        
date: Tue, 06 Dec 2022 18:03:40 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d6AKSen35VpaaK4ix__vk8CVaWiVSuryJulJ80ykWL2TXAGl8ELlTg==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg HTTP/1.1 
Host: imganuncios.mitula.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.61
HTTP/2 403 Forbidden
content-type: application/xml
                                        
date: Tue, 06 Dec 2022 18:03:39 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: spJ5h6cqpGpKaaAYAA1z3ofHs1ITtKd1R065WwcRWP0SW7Ow19K-NA==
X-Firefox-Spdy: h2


--- Additional Info ---