Overview

URL gimnostipos.blogspot.com.uy/
IP142.250.74.161
ASNGOOGLE
Location United States
Report completed2022-10-06 06:06:30 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-06 2 gimnostipos.blogspot.com.uy/ Malware
2022-10-06 2 gimnostipos.blogspot.com/ Malware
2022-10-06 2 gimnostipos.blogspot.com/js/cookienotice.js Malware
2022-10-06 2 cdn.widgetserver.com/syndication/subscriber/InsertWidget.js Malware
2022-10-06 2 cdn.widgetserver.com/ Malware
2022-10-06 2 cdn.widgetserver.com/mtm/async/.eJxdjEsOwjAMRO-SZYlillDEWVBI3dRSPiYxbSXE3Uk (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL ocsp.godaddy.com/
IP  192.124.249.22
Magic gzip compressed data, max compression\012- data
Size 55605
MD5 b88bd5dbcafedd0e6abc9a812657c96e
SHA1 988127f26ac4b346c9d966cfa2e5c93f7cd7ca6d
SHA256 2853f8e7a899d5f39b63f88573e07710b8673ba0e1acdae1cfc936b433aa7b9c
Analyzer Analysed Verdict Comment
VirusTotal 0/0
URL api.aws.parking.godaddy.com/v1/parkingEvents
IP  44.193.148.120
Magic gzip compressed data, max compression\012- data
Size 53967
MD5 5c91c955488d35ea10ff29c99c158552
SHA1 0e06969d58b3044fda6596cd233051a8773d4812
SHA256 c1fc09634a458d9543b4e56fd80dab36d0d11a03e7af9ea030d4056d969c0b8b
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (30)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-10-06 04:46:31 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS www.blogger.com (5) 8975 2012-05-22 07:35:03 UTC 2022-10-06 05:11:52 UTC 216.58.207.201
mnemonic passive DNS ocsp.godaddy.com (3) 698 2012-05-20 19:28:57 UTC 2022-10-05 10:10:40 UTC 192.124.249.22
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-10-06 04:51:02 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img1.blogblog.com (1) 65460 2012-05-22 07:35:04 UTC 2022-10-05 18:14:32 UTC 216.58.207.201
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-06 05:20:05 UTC 93.184.220.29
mnemonic passive DNS accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-10-06 05:57:20 UTC 216.58.207.237
mnemonic passive DNS lh3.googleusercontent.com (1) 66 2013-05-30 23:27:19 UTC 2022-10-06 04:23:12 UTC 142.250.74.33
mnemonic passive DNS cdn.widgetserver.com (4) 0 2012-05-22 02:51:28 UTC 2022-10-06 03:37:22 UTC 45.33.23.183 Domain (widgetserver.com) ranked at: 501429
mnemonic passive DNS img1.wsimg.com (4) 9893 2012-06-20 14:42:31 UTC 2022-10-05 11:39:29 UTC 23.36.79.43
mnemonic passive DNS gimnostipos.blogspot.com.uy (1) 0 2022-10-04 14:05:39 UTC 2022-10-04 18:04:57 UTC 142.250.74.161 Unknown ranking
mnemonic passive DNS apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2022-10-05 09:25:09 UTC 142.250.74.174
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-10-06 05:52:08 UTC 216.58.207.226
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-06 04:51:09 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS 2.bp.blogspot.com (2) 11071 2013-07-04 03:01:31 UTC 2022-10-05 17:50:22 UTC 142.250.74.161
mnemonic passive DNS www.frontpages.gr (1) 373894 2012-08-01 18:01:40 UTC 2022-10-06 00:31:39 UTC 104.26.15.25
mnemonic passive DNS gimnostipos.blogspot.com (2) 0 2022-10-04 15:16:35 UTC 2022-10-06 06:06:19 UTC 142.250.74.161 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-06 05:02:20 UTC 54.191.251.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-06 04:55:14 UTC 34.160.144.191
mnemonic passive DNS ocsp.pki.goog (15) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS resources.blogblog.com (8) 13274 2017-01-30 04:47:40 UTC 2022-10-05 17:50:19 UTC 216.58.207.201
mnemonic passive DNS cdn.widgetserver.com (4) 0 2012-05-22 02:51:28 UTC 2022-10-06 03:37:22 UTC 45.33.18.44 Domain (widgetserver.com) ranked at: 501429
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-06 04:25:36 UTC 34.120.237.76
mnemonic passive DNS postback.trafficmotor.com (2) 96726 2019-11-09 13:35:40 UTC 2022-10-05 17:52:48 UTC 45.79.38.145
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-10-06 05:29:05 UTC 54.230.111.7
mnemonic passive DNS partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-10-06 04:49:34 UTC 172.217.21.162
mnemonic passive DNS 4.bp.blogspot.com (1) 11215 2013-05-06 20:18:52 UTC 2022-10-06 05:07:09 UTC 142.250.74.161
mnemonic passive DNS www6.widgetserver.com (2) 0 2018-08-09 06:10:41 UTC 2022-10-05 18:21:19 UTC 35.186.238.101 Domain (widgetserver.com) ranked at: 501429
mnemonic passive DNS api.aws.parking.godaddy.com (8) 36127 2020-03-23 21:33:37 UTC 2022-10-05 11:39:29 UTC 44.193.148.120


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161

Date UQ / IDS / BL URL IP
2022-11-29 19:54:38 +0000
0 - 0 - 4 77581087.blogspot.com.br/search/label/new%20cummer 142.250.74.161
2022-11-29 19:03:16 +0000
0 - 0 - 1 xcvbcvxgsdfgcxvbcxvbsdfg.blogspot.co.id/?m=1 142.250.74.161
2022-11-29 19:02:17 +0000
0 - 0 - 3 xcvbcvxgsdfgcxvbcxvbsdfg.blogspot.rs/ 142.250.74.161
2022-11-29 19:01:47 +0000
0 - 0 - 3 xcvbcvxgsdfgcxvbcxvbsdfg.blogspot.ru/ 142.250.74.161
2022-11-29 19:01:15 +0000
0 - 0 - 3 xcvbxcvbsdfgsdfgcxzxcvbsdfgsdf.blogspot.jp/ 142.250.74.161

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-11-29 22:24:45 +0000
0 - 0 - 59 www.newsandpromotions.com/tracking/8474 34.117.221.220
2022-11-29 22:24:18 +0000
9 - 0 - 9 navelquestas.us/login/Login.php 34.136.2.82
2022-11-29 22:23:06 +0000
0 - 0 - 2 wedding-invitation-unique1016.blogspot.ca/201 (...) 172.217.21.161
2022-11-29 22:15:45 +0000
0 - 0 - 1 216.239.38.55/ 216.239.38.55
2022-11-29 22:13:20 +0000
0 - 0 - 1 allstuffs4babies.blogspot.ru/search/label/Fee (...) 172.217.21.161

Last 1 reports on domain: gimnostipos.blogspot.com.uy

Date UQ / IDS / BL URL IP
2022-10-06 06:06:30 +0000
0 - 0 - 6 gimnostipos.blogspot.com.uy/ 142.250.74.161

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-10 19:36:01 +0000
0 - 0 - 3 dog--lover.blogspot.li/ 142.250.74.161
2022-10-22 15:27:50 +0000
0 - 0 - 1 blognyanessiamegawati.blogspot.com/2009/04/pa (...) 142.250.74.161
2022-10-22 15:27:11 +0000
0 - 0 - 2 whatsabackpacker.blogspot.com/2009/10/most-fa (...) 142.250.74.161
2022-10-16 03:25:18 +0000
0 - 0 - 5 guidetoline.blogspot.com/search/label/s 142.250.74.161
2022-10-07 23:32:31 +0000
0 - 0 - 3 putriputrikurniasih.blogspot.com/ 142.250.74.161


JavaScript

Executed Scripts (24)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (87)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: gimnostipos.blogspot.com.uy
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://gimnostipos.blogspot.com/
Content-Encoding: gzip
Date: Thu, 06 Oct 2022 06:06:19 GMT
Expires: Thu, 06 Oct 2022 06:06:19 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   178
Md5:    f64f829639b3e29a9ab6729ca5d700b8
Sha1:   425b0863d642cd5662fd946b7ef80663058e149d
Sha256: 18bdd227e252bd95220b673ad488d842e7ca757c3606ee440cf65c7738049be9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5618
Expires: Thu, 06 Oct 2022 07:39:57 GMT
Date: Thu, 06 Oct 2022 06:06:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WB5cydgM_6B5jpPftR7538HgtdyXUhpP_nh_aoPqMl9rt4DFrVuYrw==
Age: 51541


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11933
Expires: Thu, 06 Oct 2022 09:25:12 GMT
Date: Thu, 06 Oct 2022 06:06:19 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: qsnlR6lAK6oRNI7CxLWOWZyHSRyG8wcBH9FlLpi1MEKdvG9zoYjfl7HOa678tdPYWByqzmay9+A=
x-amz-request-id: KC5AB3ACKRF1578Y
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 05:58:38 GMT
age: 461
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 06 Oct 2022 06:06:20 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 05:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 05:58:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4G93OARolsLertOdwrTdfRBtsh6279pDcOr82BZwagfqMabmQNgygQ==
Age: 2199


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: gimnostipos.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Thu, 06 Oct 2022 06:06:20 GMT
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Mar 2022 23:11:44 GMT
ETag: W/"f58aa26ceba675b08896830625e0372c153175f4d9982957bb7f57a63906e5b4"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 39037
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1490)
Size:   39037
Md5:    cc0ccca5d31cd2274859fe674ccd057b
Sha1:   c6c13fe6bd88543dd18604d59d15b5c456eca6db
Sha256: 52dd2bdc54223199c833ce32bb0aafe5fe09c0790a7d6cb7475bacac852f0bb2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: gimnostipos.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 15:16:36 GMT
Expires: Tue, 11 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 04 Oct 2022 12:57:07 GMT
Age: 139784


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /charts/loader.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:47:03 GMT
expires: Thu, 06 Oct 2022 06:47:03 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
age: 1157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2134)
Size:   19937
Md5:    f3341efa0432876b1697ccec98c33b01
Sha1:   55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
Sha256: 6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:35:40 GMT
expires: Thu, 05 Oct 2023 16:35:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 18:55:46 GMT
age: 48640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35959)
Size:   7776
Md5:    5aa2d3297bdc86bc81322aedecbb5e79
Sha1:   1c0a3c007e41726e167e79b70ddea76198650884
Sha256: feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Thu, 06 Oct 2022 06:06:20 GMT
expires: Thu, 06 Oct 2022 06:06:20 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1277)
Size:   20361
Md5:    b5a31516be83fe4f962609045d824f88
Sha1:   939a49a9858bf23561279f9ca2d1941d3256c66f
Sha256: edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
                                        
                                            GET /html/buttons/blogger-ipower-blue.gif HTTP/1.1 
Host: img1.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         216.58.207.201
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 984
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 19:12:33 GMT
Expires: Wed, 12 Oct 2022 19:12:33 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 08:35:45 GMT
Age: 39227


--- Additional Info ---
Magic:  GIF image data, version 89a, 88 x 30\012- data
Size:   984
Md5:    844564f46fd338722e26e9d57808e3e6
Sha1:   02a5fa9037b53ee0278b5cb3a5bff756b5875e12
Sha256: e442a96ee7b97f5b1427de340acb16ba5013a2e3eada6428a7a64e8654358768
                                        
                                            GET /static/v1/widgets/829820975-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56806
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 02:07:50 GMT
expires: Thu, 05 Oct 2023 02:07:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:52:39 GMT
age: 100710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56806
Md5:    b18547f3bc01f36c7dd3a6b6082feeb0
Sha1:   ca60d4a2bcd171bfe918249742cfde4223f0ba00
Sha256: 7666d4f1e68fda03543de42ac22d422822013499d6937cc08ae884bfdef3688b
                                        
                                            GET /img/widgets/subscribe-yahoo.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 02:21:47 GMT
expires: Wed, 12 Oct 2022 02:21:47 GMT
cache-control: public, max-age=604800
last-modified: Tue, 04 Oct 2022 12:57:07 GMT
age: 99873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Size:   580
Md5:    79f602b6ac18bee79b4e2353a6674010
Sha1:   28accf82263aa1a11bb821439d4d185865662530
Sha256: bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
                                        
                                            GET /img/widgets/subscribe-netvibes.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 01:13:54 GMT
expires: Thu, 13 Oct 2022 01:13:54 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 12:00:16 GMT
age: 17546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Size:   1445
Md5:    c52a5f4ecb6be5d7e93b23ef4122ee4e
Sha1:   4e698a5f455daf3a8ea1e219b1998079f0546716
Sha256: 71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:57:04 GMT
expires: Wed, 12 Oct 2022 19:57:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 12:00:16 GMT
age: 36556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET /img/widgets/arrow_dropdown.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 10:36:43 GMT
expires: Wed, 12 Oct 2022 10:36:43 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 04:51:44 GMT
age: 70177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 13 x 10\012- data
Size:   141
Md5:    2964a07d60a4e76b299130fb1b4115f6
Sha1:   3b72dcc19f3ad685513eaba612e07e0ed495f2e1
Sha256: 28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
                                        
                                            GET /img/icon_feed12.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 06:40:02 GMT
expires: Wed, 12 Oct 2022 06:40:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 04 Oct 2022 22:52:56 GMT
age: 84378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Size:   500
Md5:    44e7355a788fd1082deff0018883758e
Sha1:   50e3a28a44978e85d13c30522e0c71c8d0b24675
Sha256: 3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4721
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 06:06:20 GMT
Last-Modified: Thu, 06 Oct 2022 04:47:39 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /blogblog/data/1kt/watermark/body_background_birds.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 22568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 15:25:27 GMT
expires: Wed, 12 Oct 2022 15:25:27 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 14:18:25 GMT
age: 52853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 2-bit colormap, non-interlaced\012- data
Size:   22568
Md5:    5cd8cda0e75b359eb8f15dc83b0c5c29
Sha1:   86c99fbb62aadacb3ebd3f948d345b917f65253f
Sha256: 0220dbf46954d4efe2e91d261dd3d40f06e6402c722cc5580129af64bddc58f9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 07:25:42 GMT
expires: Mon, 02 Oct 2023 07:25:42 GMT
cache-control: public, max-age=31536000
age: 340838
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57995
Md5:    d70fcc84d705c565b31a5835c0938d5b
Sha1:   d28e5dc9fcc6239d67986df3205468072023d2d7
Sha256: 1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 12:52:19 GMT
Expires: Wed, 19 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 62041


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /blogblog/data/1kt/watermark/body_overlay_birds.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 3523
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:57:04 GMT
expires: Wed, 12 Oct 2022 19:57:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 14:18:25 GMT
age: 36556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 386 x 121, 8-bit colormap, non-interlaced\012- data
Size:   3523
Md5:    031c64f442b967c59b28cdc8b03ac349
Sha1:   59f743959d06ced56f36b5e262c76e6cbfef9720
Sha256: 4bff767832f0cae6ed521f2436871dba9c4e1d036efd4889457b9e797738154a
                                        
                                            GET /blogblog/data/1kt/watermark/post_background_birds.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:01:40 GMT
expires: Wed, 12 Oct 2022 16:01:40 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 14:18:25 GMT
age: 50680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 10 x 10, 8-bit colormap, non-interlaced\012- data
Size:   103
Md5:    7928cb1e4fb733117a1479c289f29d92
Sha1:   bd1bbe65951f64f44ec85910877dabd35c6dbc07
Sha256: 8a44923efeda7708df28a77f7e01bb10be3831d112891172950fe8c2d6b2566e
                                        
                                            GET /img/logo-16.png HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         216.58.207.201
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 22:56:11 GMT
Expires: Wed, 12 Oct 2022 22:56:11 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 08:35:45 GMT
Age: 25809


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   279
Md5:    5ffecab6c722bb0adc3fce8d83b27993
Sha1:   0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
Sha256: cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
                                        
                                            GET /s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gimnostipos.blogspot.com
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 33436
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 19:08:01 GMT
Expires: Wed, 04 Oct 2023 19:08:01 GMT
Cache-Control: public, max-age=31536000
Age: 125899
Last-Modified: Tue, 26 Apr 2022 15:01:13 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33436, version 1.0\012- data
Size:   33436
Md5:    b9b4c932ef89c39525bfe1b604cda3a1
Sha1:   767246e4c7df1b6c32f590c16c135808382b1aba
Sha256: 9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=988410766766301150&zx=5c4eb7f7-d17c-4fe1-8745-8be96265d22f HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 06:06:20 GMT
last-modified: Thu, 06 Oct 2022 06:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   21
Md5:    a62e4d501434033d5d177e67d3aafdd0
Sha1:   34f7300c9ed47334cf10826d57af785321e3138b
Sha256: b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
                                        
                                            GET /blogin.g?blogspotURL=http://gimnostipos.blogspot.com/&type=blog HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://gimnostipos.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://gimnostipos.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
content-encoding: gzip
date: Thu, 06 Oct 2022 06:06:20 GMT
expires: Thu, 06 Oct 2022 06:06:20 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 282
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (344)
Size:   282
Md5:    6a8895939d46267654123958a7901e7e
Sha1:   473fb5d136d409598e6f07bc38372eba3202547d
Sha256: 65d3a990e5945e6fa03426d25ac09f3214669639ef72a44c608ee514a7085d39
                                        
                                            GET /-23DTIV7FfwQ/VasyfcWYIhI/AAAAAAAAg1M/5G1e7dImD_8/w72-h72-p-k-no-nu/http%25253A%25252F%25252F31.media.tumblr.com%25252F52a17a863b1725835e6ac15112d20bd6%25252Ftumblr_n7ou5sjfJb1qzuymjo1_1280.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="http%3A%2F%2F31.media.tumblr.com%2F52a17a863b1725835e6ac15112d20bd6%2Ftumblr_n7ou5sjfJb1qzuymjo1_1280.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4685
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 06:06:20 GMT
Expires: Wed, 05 Oct 2022 15:16:36 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8354"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4685
Md5:    d2430eb2be70ecf2882f3f5f2770b277
Sha1:   68fe102df823b154d7a3ede28cbf9119bb98fe7a
Sha256: 652a3b490f79fff95329c76a7320e7708ad271f6354dc88992b50a79d58b16e2
                                        
                                            GET /-cJGqq1V8YI4/XKQydhtpYjI/AAAAAAAAi6U/2cghkabL0-cVaejCWzG7l2jupNCqI6MdACK4BGAYYCw/s77/KGrHqVpkFuFlgkwBQbbNPPmdg60_1.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v8ba6"
Expires: Fri, 07 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="KGrHqVpkFuFlgkwBQbbNPPmdg60_1.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 06:06:20 GMT
Server: fife
Content-Length: 4383
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 52x77, components 3\012- data
Size:   4383
Md5:    d35045143783bb67697cb62e8a2014f8
Sha1:   99af03ce0a27fdda0184df096569b6443219d3e3
Sha256: 459c38e137c10bfc0ebe854cf9893e021aeb5acba50176029d3d727253dba274
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ticker.php?category=15&c=626886&big=1 HTTP/1.1 
Host: www.frontpages.gr
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Upgrade-Insecure-Requests: 1

                                         
                                         104.26.15.25
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 06 Oct 2022 06:06:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 06 Oct 2022 07:06:20 GMT
Location: https://www.frontpages.gr/ticker.php?category=15&c=626886&big=1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTLlRfkSWysysqBrFn0lgNYhs0adcUuhS1JOhRrh5yLEgswNRuJE0su%2B0PLnLDK0sXiK8YGLC4RfYZuaFw8v0FHtUxJMi%2F9E5AiagLFiOmuZveW6Bo%2FJabs2OdQYuWuG9U5x"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755c35e47a45b4ee-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://gimnostipos.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttp://gimnostipos.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gimnostipos.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 06:06:20 GMT
location: https://www.blogger.com/blogin.g?blogspotURL=http%3A%2F%2Fgimnostipos.blogspot.com%2F&type=blog&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce--huUziMpXHhmZRt8k1AJtg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 229
server: GSE
set-cookie: __Host-GAPS=1:1sYKif-5bP7_bgtAv8ucF_7omVIvAg:JUaBl9sRQj5XFZdV;Path=/;Expires=Sat, 05-Oct-2024 06:06:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   229
Md5:    8c1cd6083f885100267192ef8a910c16
Sha1:   8b87d14d116de90dd4a79a9f81dd4e79c9be0894
Sha256: 67456165f8b727bba38b92f876b90e05d06c827c28bbdf738bc42ae74efba112
                                        
                                            GET /syndication/subscriber/InsertWidget.js HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         45.33.18.44
HTTP/1.1 200 OK
content-type: application/javascript
                                        
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 06:06:20 GMT
content-length: 157
last-modified: Fri, 09 Mar 2018 19:33:30 GMT
etag: "5aa2e18a-9d"
accept-ranges: bytes
connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   157
Md5:    67e216a27dda24bdcb086c2385b0cb99
Sha1:   17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
Sha256: 9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /blogger_img_proxy/ANbyha1ZVRvvrA9rdVQ9RLfSlTUHRffTa_rVUmZr321-HAMFPDhD1MhRdKip4nkiAXj1KHW8l6BTv8gcc2IwNZtI1fTfq0F02nQahBZ06zWW9Jdjd_4u0gyEZnYfBuRGH93m_0zc3KUprXgk6siwkTGSZYiYbrr6BJ8JiNE9JLo=w72-h72-p-k-no-nu HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 06:06:20 GMT
server: fife
content-length: 1768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1768
Md5:    ab8606ef5c18841077f94d22437da052
Sha1:   9e1f54650d1c695c2a0ff1f6d4eda46664574d97
Sha256: a274a1dd3f662895d2fb6ac2f00f176d431ef5eff81cfb39799ca6e78686ee33
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hgxXFfI0XpiT6Elj7n3XFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Sen9po1gOXu6dIsihKn/DhqzveE=

                                        
                                            GET /-22yg7nuUimg/VJ2oSgqaQ5I/AAAAAAAAgPo/xo41MYPfJSQ/s960/10891950_1581294802084704_4140886753054889924_n.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v80fb"
Expires: Fri, 07 Oct 2022 06:06:20 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10891950_1581294802084704_4140886753054889924_n.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 06:06:20 GMT
Server: fife
Content-Length: 140839
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 960x581, components 3\012- data
Size:   140839
Md5:    4b78ffbbc52d793659c73d0c09ae0a3a
Sha1:   2611ea12584dee5bf41e43e71e79d2806b65b6f8
Sha256: ff61ffe3c4bdc1fae0533b33af92b0dc4aed24f3a975940a889fc3a2a59aa03c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gimnostipos.blogspot.com/
Upgrade-Insecure-Requests: 1

                                         
                                         45.33.23.183
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 06:06:21 GMT
content-length: 7174
vary: Accept-Language
content-language: en
connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (336)
Size:   7174
Md5:    889ecdffadaef10a7385109e6cb71a15
Sha1:   82428d34164b8b7f0d5b595672584f7814a18e10
Sha256: ee6f3bc3e61c1961358e97534566890e805789066eb2250ed502ec4e7cca03a1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/

                                         
                                         45.33.23.183
HTTP/1.1 200 OK
content-type: image/gif
                                        
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 06:06:21 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /mtm/async/.eJxdjEsOwjAMRO-SZYlillDEWVBI3dRSPiYxbSXE3UkQK3Zv5o39Us9CalSgtLLF14aNCs5YsLSwiPAI4CmmXIU4V3MP2VfOYlyO_Wxp4pZsxDZ3UzIbTR6lYlmx9E3_7ByyNC-4CywSg7bMgZwVygn23hz2_zaGy-N6NGdN0XoEu9L8ww3vrAcYvv6k3h9CTkQq:1ogK1V:knJttxbp_JAaB26O7zfXpKNK8Yk/1/0 HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn.widgetserver.com/
Connection: keep-alive

                                         
                                         45.33.23.183
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 06:06:21 GMT
content-length: 321
x-mtm-path: 3
x-mtm-prov: 1:6.24;70:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJjZG4ud2lkZ2V0c2VydmVyLmNvbSIsImh0dHA6Ly93d3c2LndpZGdldHNlcnZlci5jb20vP3RlbXBsYXRlPUFSUk9XXzMmdGRmcz0wJnNfdG9rZW49MTY2NTAzNjM4MS4wMjMyNTgwMDAwJnV1aWQ9MTY2NTAzNjM4MS4wMjMyNTgwMDAwJnRlcm09RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPU5vcndheSUyMERlZGljYXRlZCUyMFNlcnZlcnMmdGVybT1Pc2xvJTIwQ291bnR5JTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPU9zbG8lMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJnRlcm09Q3VzdG9tJTIwRGVkaWNhdGVkJTIwU2VydmVycyZzZWFyY2hib3g9MCZzaG93RG9tYWluPTEmYmFja2ZpbGw9MCIsMSwiMjAyMi0xMC0wNiAwNjowNjoyMSIsMSwiMTY2NTAzNjM4MS4wMjMyNTgwMDAwIiw3MCxudWxsLG51bGxd:1ogK1V:kkZxUFg-hcxFmezozZoVtoFJhqc; expires=Thu, 06-Oct-2022 07:06:21 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (321), with no line terminators
Size:   321
Md5:    488ee7aa89d0e9a2386a30049397bafc
Sha1:   9e20121931aa2cd40b5a87fff298cee2fe8b4907
Sha256: 2f1703c088827d54f43b8d4616712d53a1afaf369ee22189aa19214a975f80f5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1665036381.0232580000&uuid=1665036381.0232580000&term=Europe%20Dedicated%20Servers&term=Norway%20Dedicated%20Servers&term=Oslo%20County%20Dedicated%20Servers&term=Oslo%20Dedicated%20Servers&term=Custom%20Dedicated%20Servers&searchbox=0&showDomain=1&backfill=0 HTTP/1.1 
Host: www6.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1

                                         
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Thu, 06 Oct 2022 06:06:22 GMT
Content-Length: 2551
Last-Modified: Fri, 16 Sep 2022 16:46:12 GMT
ETag: "6324a854-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_XtX697nTWSTesvoivH1R4gZI/idybeHq1tcQa2WH8AY6utX9J2lAU9BlFo+va5jy3gujohJcPZI8saUAUGXd9Q
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    41f66bb0ac50f2d851236170e7c71341
Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384
Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 06:06:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 06:06:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 06:06:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Thu, 06 Oct 2022 09:28:00 GMT
Date: Thu, 06 Oct 2022 06:06:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
age: 29563
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10809
Md5:    a508ac9cd743bec987b2a24454418265
Sha1:   8c7ecefe6908387e2128dc849a6ba857991ba0ab
Sha256: afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 05:04:17 GMT
age: 3725
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9044
Md5:    70ea26af79226e9ff06d6198e2c019dc
Sha1:   ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
Sha256: f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 29361
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8360
Md5:    a7bcc50ecfeeca47de68cb437e966f29
Sha1:   e98c870fd29b56fa4c3847008bedc0f01f222744
Sha256: 47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F523563fe-7c63-4bf8-82a9-5a22c254cf4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10390
x-amzn-requestid: 3a01001b-3f8a-4118-9cce-af68e92b78bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjP2EEV4oAMFcqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df9c0-254f65637b3d98f8268fe321;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:40:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: ZemQhvOGChopa_bsi6lNCPY0nNsICABg9vAsWBCkPJFv8oz7TyOGBA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:49:35 GMT
age: 29807
etag: "8c895a5716462c161f98637053cac4469eaaea33"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10390
Md5:    00e43396123462b87cf3d3592dd71f02
Sha1:   8c895a5716462c161f98637053cac4469eaaea33
Sha256: 2fc70d34c11b2fc338714930bdf6efa14a1c3d4d7560a43061aea41c83ec4d2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff35d320d-221e-46f6-ac6e-9c5b6e8ac6bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12752
x-amzn-requestid: 3c32a029-08d0-4f98-a0e0-48a7e05242b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6sHXXIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-176be5177b67ddc068060b19;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: nMQQhuMBlGVUc4XeG1S-BJ2_6QQQkcfjctV4xTXW8VENcNE0sVQ1rA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 30556
etag: "59ab1c451c388f7b57da52bf518eff15e0c584ff"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12752
Md5:    23e10c01392e4958e4a4f19573290da9
Sha1:   59ab1c451c388f7b57da52bf518eff15e0c584ff
Sha256: ece0b872f33166fcc2816595fdf1348664d985131bc943cd4a543524dede0274
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877f8cf1-1428-4315-8cf8-10c90a79df32.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8336
x-amzn-requestid: bd8e5a7e-1c0b-416c-864d-29ccfa294ab4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zgt2aGqXoAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cf68f-5062aaf6466bb55238e9c9a5;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 03:14:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5G1Xv1-YEygfd_4Sd3R5H9tbUJ40L0-ULzaKGaxUm9Xf-TQZmuqZjA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 09:37:13 GMT
age: 73749
etag: "e38abfb56e6b2e0802d4cc67af5b2c9d565fe53f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8336
Md5:    e0d55d3d36f59877d647b4f4e64c2ec9
Sha1:   e38abfb56e6b2e0802d4cc67af5b2c9d565fe53f
Sha256: 61a477698f080f6113b13a3773f9d7c47564ecbd1868efd1d024f52d7b2088ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: BJKddOb28V2CtOYHtdx3dgS4ijBb8z9Zz0e916fBJ6yIzilOfuV7lgEi1PzYX2UW11Gi/zLf5Nk=
x-amz-request-id: A0GTYC5KNWH4XAW6
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 06 Oct 2023 06:06:22 GMT
date: Thu, 06 Oct 2022 06:06:22 GMT
content-length: 135541
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65462)
Size:   135541
Md5:    ed301c77cb4cfefcf054b77502912c41
Sha1:   0139ede39adaa61fdae8dfb9c7f6f8600025599b
Sha256: 10ebdcf812a393d96af2bf99a2e5ddf8381f37b2fa85698c4c25e7c03350712c
                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y=
x-amz-request-id: Q5Y8PK0VHGD0XQRS
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 58202
cache-control: max-age=31536000
expires: Fri, 06 Oct 2023 06:06:22 GMT
date: Thu, 06 Oct 2022 06:06:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65459)
Size:   58202
Md5:    feb46b3c6b7556a8bf123a5e87ffd2b5
Sha1:   aff2efba814012e9fe1586055599069f77e6a062
Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1665036381.0232580000&uuid=1665036381.0232580000&term=Europe%20Dedicated%20Servers&term=Norway%20Dedicated%20Servers&term=Oslo%20County%20Dedicated%20Servers&term=Oslo%20Dedicated%20Servers&term=Custom%20Dedicated%20Servers&searchbox=0&showDomain=1&backfill=0 HTTP/1.1 
Host: www6.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Upgrade-Insecure-Requests: 1
If-Modified-Since: Fri, 16 Sep 2022 16:46:12 GMT
If-None-Match: "6324a854-9f7"
Cache-Control: max-age=0

                                         
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Thu, 06 Oct 2022 06:06:22 GMT
Content-Length: 2551
Last-Modified: Fri, 16 Sep 2022 16:45:50 GMT
ETag: "6324a83e-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_XtX697nTWSTesvoivH1R4gZI/idybeHq1tcQa2WH8AY6utX9J2lAU9BlFo+va5jy3gujohJcPZI8saUAUGXd9Q
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    41f66bb0ac50f2d851236170e7c71341
Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384
Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT
If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
cache-control: max-age=31536000
expires: Fri, 06 Oct 2023 06:06:22 GMT
date: Thu, 06 Oct 2022 06:06:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT
If-None-Match: "87b518e8e45487e774f8d47f2dc0026f"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
cache-control: max-age=31536000
expires: Fri, 06 Oct 2023 06:06:22 GMT
date: Thu, 06 Oct 2022 06:06:22 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 06:06:22 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 01:55:56 GMT
Expires: Fri, 07 Oct 2022 01:55:56 GMT
ETag: "d2cdadac11d2f2f1de2fa37284d478549dc9a78d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   55605
Md5:    b88bd5dbcafedd0e6abc9a812657c96e
Sha1:   988127f26ac4b346c9d966cfa2e5c93f7cd7ca6d
Sha256: 2853f8e7a899d5f39b63f88573e07710b8673ba0e1acdae1cfc936b433aa7b9c

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 06:06:22 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 01:55:56 GMT
Expires: Fri, 07 Oct 2022 01:55:56 GMT
ETag: "d2cdadac11d2f2f1de2fa37284d478549dc9a78d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    e302e69d76412592f4a2bbe49158a40a
Sha1:   d2cdadac11d2f2f1de2fa37284d478549dc9a78d
Sha256: b94b6621504f78c4f6d42786186eafcfaf8affa5d3b27c0da8ac287bf8880391
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 06:06:22 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 01:55:56 GMT
Expires: Fri, 07 Oct 2022 01:55:56 GMT
ETag: "d2cdadac11d2f2f1de2fa37284d478549dc9a78d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    e302e69d76412592f4a2bbe49158a40a
Sha1:   d2cdadac11d2f2f1de2fa37284d478549dc9a78d
Sha256: b94b6621504f78c4f6d42786186eafcfaf8affa5d3b27c0da8ac287bf8880391
                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Thu, 06 Oct 2022 06:06:22 GMT
content-length: 0
set-cookie: AWSALB=nWPeWH+AEG34/SRZ25Wa4WN5KnQVSWfhHR6l5dKGYABTKxf9xx4iQu5egOrXRsxyGHWtxujWWbrqTlhZxOTcAgK+H1zOi3L1Yz10wYD7y5lD/TwYQDMII8nIJHjD; Expires=Thu, 13 Oct 2022 06:06:22 GMT; Path=/ AWSALBCORS=nWPeWH+AEG34/SRZ25Wa4WN5KnQVSWfhHR6l5dKGYABTKxf9xx4iQu5egOrXRsxyGHWtxujWWbrqTlhZxOTcAgK+H1zOi3L1Yz10wYD7y5lD/TwYQDMII8nIJHjD; Expires=Thu, 13 Oct 2022 06:06:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/domains/domain?domain=www6.widgetserver.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
                                        
date: Thu, 06 Oct 2022 06:06:22 GMT
content-length: 0
set-cookie: AWSALB=5x98cDpB8KFPQXPt9nKMk1S9BSW5Lk0p5vSgLFYe1Rf0nR0sJpRsIco4RvTRcFgP5MJBmS9LVOgmCvfG6D8P/0OuhNZmCeS2O2CS3NU60HyCvJdMt1y82/N06ImM; Expires=Thu, 13 Oct 2022 06:06:22 GMT; Path=/ AWSALBCORS=5x98cDpB8KFPQXPt9nKMk1S9BSW5Lk0p5vSgLFYe1Rf0nR0sJpRsIco4RvTRcFgP5MJBmS9LVOgmCvfG6D8P/0OuhNZmCeS2O2CS3NU60HyCvJdMt1y82/N06ImM; Expires=Thu, 13 Oct 2022 06:06:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.widgetserver.com
access-control-max-age: 600
x-request-id: rqk-k2_g
X-Firefox-Spdy: h2

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 703
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Thu, 06 Oct 2022 06:06:23 GMT
content-length: 0
set-cookie: AWSALB=K4OnAqqBUZHeIbJHmnTFC7vk6Va7l0NgaSY8+msa4rYgYIvvw3kfL8Nm0grkE0IXl6mUcPK2+ziErxyQl3n1OOkaqHq+4IhybC/ElWwnAVpwtLKWNd3SEpE149Li; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/ AWSALBCORS=K4OnAqqBUZHeIbJHmnTFC7vk6Va7l0NgaSY8+msa4rYgYIvvw3kfL8Nm0grkE0IXl6mUcPK2+ziErxyQl3n1OOkaqHq+4IhybC/ElWwnAVpwtLKWNd3SEpE149Li; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   53967
Md5:    5c91c955488d35ea10ff29c99c158552
Sha1:   0e06969d58b3044fda6596cd233051a8773d4812
Sha256: c1fc09634a458d9543b4e56fd80dab36d0d11a03e7af9ea030d4056d969c0b8b

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /v1/domains/domain?domain=www6.widgetserver.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
X-Request-Id: 1798139c-c352-4adb-a095-8108fdd0b422
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 06 Oct 2022 06:06:23 GMT
content-length: 1018
set-cookie: AWSALB=dZhp4u3IS8WDQwsGSJ3C5TI2bp7TkodjPn3HidqTuxKsdZhngnUE5qZnm6FJeMEv94j4T0cy7JioGZp4RlFkqfb9OnkxqwQJKpVslXv3Sg5Cfp5pZJDacwytEY7z; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/ AWSALBCORS=dZhp4u3IS8WDQwsGSJ3C5TI2bp7TkodjPn3HidqTuxKsdZhngnUE5qZnm6FJeMEv94j4T0cy7JioGZp4RlFkqfb9OnkxqwQJKpVslXv3Sg5Cfp5pZJDacwytEY7z; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.widgetserver.com
access-control-max-age: 600
x-request-id: 1798139c-c352-4adb-a095-8108fdd0b422
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1017)
Size:   1018
Md5:    ec0cf440914c296162912fef2da1f1e6
Sha1:   543fdaad43aa39d934d40181ad5bd74582336c04
Sha256: d53d4be305302f6a2eb9834904a5c75666f4630616857a3fd1ee784b47862be9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=www6.widgetserver.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 06 Oct 2022 06:06:23 GMT
server: cafe
cache-control: private
content-length: 188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   188
Md5:    bdfc59521b5d40dd6fe6c31b93459bb6
Sha1:   7186749625d692341911e44ac0184433c0179a08
Sha256: dbc81be845a557652fe02666bc0e52999f5de7c29070ba519e2b34992c01f080
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 06:06:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 758
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Thu, 06 Oct 2022 06:06:23 GMT
content-length: 0
set-cookie: AWSALB=b7JgGnXd5oFwFt+2DUVdkKsXVmz9oRPVw563sCfKMCoou94Rz1EkPKvN0qEgQkxi1U9NJUwSj5EFiiI4bkFDJSeraeTvgsa2iF/xUkQ+nsPNGU2FVN0iYAnUFGLl; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/ AWSALBCORS=b7JgGnXd5oFwFt+2DUVdkKsXVmz9oRPVw563sCfKMCoou94Rz1EkPKvN0qEgQkxi1U9NJUwSj5EFiiI4bkFDJSeraeTvgsa2iF/xUkQ+nsPNGU2FVN0iYAnUFGLl; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 656
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Thu, 06 Oct 2022 06:06:23 GMT
content-length: 0
set-cookie: AWSALB=r3UohPFFuBA0Gi+qxq8Nt+MkpHiGqf+2COm53fgSfCkMBdyxfu8qjUW+Plw4LFmloCs8K5f6uroWxBpztVOgSI9LhFxPhfaUDNBCLd1plutvFruqNNk0JK5sBEp7; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/ AWSALBCORS=r3UohPFFuBA0Gi+qxq8Nt+MkpHiGqf+2COm53fgSfCkMBdyxfu8qjUW+Plw4LFmloCs8K5f6uroWxBpztVOgSI9LhFxPhfaUDNBCLd1plutvFruqNNk0JK5sBEp7; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "34C5D1EB20B92B748C4B522FC55C5BFDEFB7F132DACCDCC6BFFE9E69FC2902CD"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20750
Expires: Thu, 06 Oct 2022 11:52:13 GMT
Date: Thu, 06 Oct 2022 06:06:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "34C5D1EB20B92B748C4B522FC55C5BFDEFB7F132DACCDCC6BFFE9E69FC2902CD"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20750
Expires: Thu, 06 Oct 2022 11:52:13 GMT
Date: Thu, 06 Oct 2022 06:06:23 GMT
Connection: keep-alive

                                        
                                            OPTIONS /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty/1.13.6.1
Date: Thu, 06 Oct 2022 06:06:23 GMT
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.widgetserver.com
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

                                        
                                            POST /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 143
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: openresty/1.13.6.1
Date: Thu, 06 Oct 2022 06:06:23 GMT
Content-Length: 31
Connection: close
Access-Control-Allow-Origin: http://www6.widgetserver.com
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   31
Md5:    766d13ee17243aa25b9e539c99ae6f35
Sha1:   05c6c546c4857d0bdf3714ac9a0794695ca2e9b5
Sha256: 9f7c21500f8bb1d1ad5dc605cf680767edcfd8913fd0634a495ee9a7604c4efd
                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 652
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Thu, 06 Oct 2022 06:06:24 GMT
content-length: 0
set-cookie: AWSALB=W8Qy7kjaGFPSMF8AsOOaP4UPTalzCNnkncHljpH/CctRlgPE2HwvWVegQQn0bIxJwXIyDne+XzUFuiU6eVwUF2ctvojRmfMEu8pUFmBp1vPFX4p/aNy2mnFmMPqx; Expires=Thu, 13 Oct 2022 06:06:24 GMT; Path=/ AWSALBCORS=W8Qy7kjaGFPSMF8AsOOaP4UPTalzCNnkncHljpH/CctRlgPE2HwvWVegQQn0bIxJwXIyDne+XzUFuiU6eVwUF2ctvojRmfMEu8pUFmBp1vPFX4p/aNy2mnFmMPqx; Expires=Thu, 13 Oct 2022 06:06:24 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /d/search/p/godaddy/xml/domain/multiset/v4/?url=widgetserver.com&Partner=nameadmin_park_dm_2903_afternic&maxListings=3&maxWeb=0&maxRT=6&maxRTL=6&maxPC=6&urlLang=en&affilData=ip%3D91.90.42.154%26xfip%3D91.90.42.154%26ua%3DMozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0%2529%2520Gecko%252F20100101%2520Firefox%252F96.0%26ur%3Dhttp%253A%252F%252Fwww6.widgetserver.com%252F&serveUrl=http%3A%2F%2Fwidgetserver.com&seedTerm=Europe%20Dedicated%20Servers%20Norway%20Dedicated%20Servers%20Oslo%20County%20Dedicated%20Servers%20Oslo%20Dedicated%20Servers%20Custom%20Dedicated%20Servers HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/xml; charset=utf-8
                                        
date: Thu, 06 Oct 2022 06:06:23 GMT
set-cookie: AWSALB=lWUClv4/Tu6t1/vORD24MOLVyxro228iYKBic4PFY/065YdEeZiwkFXMLfFFH7yXgWvbudnsmcHvYtSa012IWBRDzYOHxXdCeTJs8502ZYs7jFm15vHtIOg0e9Ws; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/ AWSALBCORS=lWUClv4/Tu6t1/vORD24MOLVyxro228iYKBic4PFY/065YdEeZiwkFXMLfFFH7yXgWvbudnsmcHvYtSa012IWBRDzYOHxXdCeTJs8502ZYs7jFm15vHtIOg0e9Ws; Expires=Thu, 13 Oct 2022 06:06:23 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
x-request-id: 610dc09d-1de8-4498-8f97-7681ae88965f
etag: W/"2312-T5LDsyNG0IuC49TstQNJiRy4DjM"
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
age: 0
strict-transport-security: max-age=15552000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---