Overview

URLbrazzers07.blogspot.de/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F
IP 172.217.21.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-30 23:59:58 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
brazzers07.blogspot.de (1) 0 No data No data 172.217.21.161 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 17:13:24 UTC 34.117.237.239
ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-11-30 17:12:14 UTC 142.250.74.131
www.blogger.com (1) 8975 2012-05-22 07:35:03 UTC 2022-11-30 18:58:54 UTC 142.250.74.73
resources.blogblog.com (1) 13274 2017-01-30 04:47:40 UTC 2022-11-30 19:07:12 UTC 142.250.74.73
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-11-30 17:19:42 UTC 34.160.144.191
fonts.gstatic.com (4) 0 2014-09-09 00:40:21 UTC 2022-11-30 22:48:06 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-30 22:12:22 UTC 142.250.74.99 Domain (gstatic.com) ranked at: 540
themes.googleusercontent.com (1) 9661 2012-05-29 23:36:21 UTC 2022-11-30 17:24:29 UTC 216.58.207.225
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-11-30 17:12:16 UTC 95.101.11.115
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-11-30 17:26:07 UTC 34.120.237.76
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-11-30 20:24:46 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 17:12:31 UTC 34.102.187.140
brazzers07.blogspot.com (4) 0 No data No data 172.217.21.161 Unknown ranking
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-11-30 17:12:17 UTC 54.149.156.115

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 brazzers07.blogspot.de/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20si (...) Phishing
2022-12-01 2 brazzers07.blogspot.com/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20s (...) Phishing
2022-12-01 2 brazzers07.blogspot.com/js/cookienotice.js Phishing
2022-12-01 2 brazzers07.blogspot.com/responsive/sprite_v1_6.css.svg Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.217.21.161
Date UQ / IDS / BL URL IP
2023-01-29 21:09:41 +0000 0 - 0 - 5 betpergir4.blogspot.in/ 172.217.21.161
2023-01-29 21:02:53 +0000 0 - 0 - 3 luxe-urbain.blogspot.co.id/ 172.217.21.161
2023-01-29 21:00:51 +0000 0 - 2 - 3 lovecalculaot.blogspot.bg/ 172.217.21.161
2023-01-29 20:59:12 +0000 0 - 0 - 1 lernbransero1971.blogspot.li/ 172.217.21.161
2023-01-29 20:59:10 +0000 0 - 0 - 2 robloxidforslimedreams.blogspot.com.ee/ 172.217.21.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-29 21:21:02 +0000 0 - 0 - 1 edf41f52-452f-4671-a310-1da9f1d2ecd8.usrfiles (...) 34.102.176.152
2023-01-29 21:20:16 +0000 0 - 0 - 3 hotelvilaricca.blogspot.ch/ 142.250.74.1
2023-01-29 21:14:37 +0000 0 - 0 - 2 necessairesynthaxe.blogspot.com/ 142.250.74.1
2023-01-29 21:14:07 +0000 0 - 0 - 2 travian-gz.blogspot.qa/ 142.250.74.1
2023-01-29 21:11:40 +0000 0 - 0 - 1 clseo1.me/ 34.102.136.180


Last 5 reports on domain: brazzers07.blogspot.de
Date UQ / IDS / BL URL IP
2023-01-04 16:18:25 +0000 0 - 0 - 4 brazzers07.blogspot.de/search/label/Yeliz%20m (...) 172.217.21.161
2022-12-31 01:56:11 +0000 0 - 0 - 4 brazzers07.blogspot.de/search/label/seski%20b (...) 142.250.74.161
2022-12-26 12:50:52 +0000 0 - 0 - 4 brazzers07.blogspot.de/search/label/eski%20se (...) 142.250.74.33
2022-12-14 14:31:40 +0000 0 - 0 - 4 brazzers07.blogspot.de/search/label/seksi%20s (...) 172.217.21.161
2022-12-14 14:00:19 +0000 0 - 0 - 4 brazzers07.blogspot.de/search/label/tatl%C4%B (...) 172.217.21.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-14 03:59:01 +0000 0 - 0 - 4 77581087.blogspot.nl/search/label/office%20cuckold 142.250.74.65
2023-01-12 12:41:59 +0000 0 - 0 - 4 77581087.blogspot.co.uk/search/label/AJ%20%20 (...) 172.217.21.161
2023-01-12 04:48:55 +0000 0 - 0 - 3 foxonlines.blogspot.fr/search/label/Mercedes% (...) 172.217.21.161
2023-01-04 20:53:52 +0000 0 - 0 - 4 foxonlines.blogspot.com/search/label/Tamannah (...) 172.217.21.161
2023-01-04 16:18:25 +0000 0 - 0 - 4 brazzers07.blogspot.de/search/label/Yeliz%20m (...) 172.217.21.161

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (41)


Request Response
                                        
                                            GET /search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F HTTP/1.1 
Host: brazzers07.blogspot.de
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.217.21.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://brazzers07.blogspot.com/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F
Content-Encoding: gzip
Date: Wed, 30 Nov 2022 23:59:46 GMT
Expires: Wed, 30 Nov 2022 23:59:46 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   223
Md5:    e744883cd0c482a60910403fdb268bf7
Sha1:   22b6ca12e74056ec157dedc7e66bd2f95bcc38f0
Sha256: eb820971ffeaec9fc0a4e71bcdd3d3dd2e0b460be0bcbe3e9c5f5ae5f356683a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2229
Expires: Thu, 01 Dec 2022 00:36:56 GMT
Date: Wed, 30 Nov 2022 23:59:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4664
Cache-Control: 'max-age=158059'
Date: Wed, 30 Nov 2022 23:59:47 GMT
Last-Modified: Wed, 30 Nov 2022 22:42:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5256
Expires: Thu, 01 Dec 2022 01:27:23 GMT
Date: Wed, 30 Nov 2022 23:59:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 23:19:44 GMT
cache-control: public,max-age=3600
age: 2403
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: FSMXc6MWjM88zTDbkgvKJzxcYXCxDXXmQDH22cbyAz7xPF37Xr2GTxBQ168+4YJPzn01RDJPxqE=
x-amz-request-id: DMXZ24YEJMAGDAK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 23:45:26 GMT
age: 861
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 30 Nov 2022 23:59:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F HTTP/1.1 
Host: brazzers07.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Wed, 30 Nov 2022 23:59:47 GMT
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 18 Apr 2020 07:01:03 GMT
ETag: W/"5a2d67c5b5c5aae028b8b81ee09e11a122e0386537ba7f319db9f730f4b2ce5f"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15236
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5019)
Size:   15236
Md5:    595ce56f761117b4b558eb3c7dc9400d
Sha1:   81cb51d84c921a0b0efffedd2ec92743102823a7
Sha256: 1febd6bb6b0a6c9414892086b5080cea84dc989d4470c3452f0357a710fe72df

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: brazzers07.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 22:53:35 GMT
Expires: Tue, 06 Dec 2022 22:53:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
Age: 90372


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /responsive/sprite_v1_6.css.svg HTTP/1.1 
Host: brazzers07.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2244
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 22:53:35 GMT
Expires: Tue, 06 Dec 2022 22:53:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 12:51:31 GMT
Age: 90372


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Size:   2244
Md5:    95c6fb790198cc0364925ea12e2bce11
Sha1:   371752558ef1ccaa9885db20be2d882dd1c15dab
Sha256: a4f0e38c228313a0eb22ea4faeca14467732a9992e2b514a9a16b2717ab5d8b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://brazzers07.blogspot.com
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/

search
                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11824
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 17:34:58 GMT
Expires: Fri, 24 Nov 2023 17:34:58 GMT
Cache-Control: public, max-age=31536000
Age: 541489
Last-Modified: Wed, 11 May 2022 19:24:43 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Size:   11824
Md5:    deb26e9b1a25438118e5d39d741ae6b6
Sha1:   a2801defb4c8bed8e4083dfde0b2a5a9c0537020
Sha256: fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://brazzers07.blogspot.com
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/

search
                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 21:13:25 GMT
Expires: Thu, 30 Nov 2023 21:13:25 GMT
Cache-Control: public, max-age=31536000
Age: 9982
Last-Modified: Wed, 11 May 2022 19:24:48 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://brazzers07.blogspot.com
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/

search
                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11872
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 02:57:27 GMT
Expires: Fri, 24 Nov 2023 02:57:27 GMT
Cache-Control: public, max-age=31536000
Age: 594140
Last-Modified: Wed, 11 May 2022 19:25:01 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size:   11872
Md5:    87ace20058325aa069320aa4af875dff
Sha1:   b743548770c46d905ae1ba06310bc001c587fe8e
Sha256: 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://brazzers07.blogspot.com
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/

search
                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 30 Nov 2022 21:12:39 GMT
Expires: Thu, 30 Nov 2023 21:12:39 GMT
Cache-Control: public, max-age=31536000
Age: 10028
Last-Modified: Wed, 11 May 2022 19:24:42 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.99
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 23:59:47 GMT
expires: Wed, 30 Nov 2022 23:59:47 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (10473)
Size:   3475
Md5:    5f322b95a9dc592286f58bb0b446fb3a
Sha1:   7b504dd1f75dca0b6545643188e510cae4699c6a
Sha256: a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.73
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
age: 152178
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56726
Md5:    1217c8e34acb09c7cea97bae4d386ea1
Sha1:   55ee17703d0a7710943e93913bacb49220d98b4b
Sha256: c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
                                        
                                            GET /blogblog/data/res/3311276799-indie_compiled.js HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.73
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:49:20 GMT
expires: Tue, 06 Dec 2022 13:49:20 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
age: 123027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1535)
Size:   46621
Md5:    86d0aad32713640aa4d2e424e27970fe
Sha1:   4c88bc29b3fffa6e4a83c4919fc313c86526c506
Sha256: c8284a3e3b30fea7bcd94cad17349dfa579575eace1987ec50a21417c5a8c5e3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 3051
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 HTTP/1.1 
Host: themes.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.225
HTTP/2 200 OK
content-type: image/jpeg
                                        
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 01 Dec 2022 23:59:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 23:59:47 GMT
server: fife
content-length: 228521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=Sunset afterglow and twlight dunes in White Sands National Monument, software=Picasa], baseline, precision 8, 1600x1067, components 3\012- data
Size:   228521
Md5:    e66ef1f4c654be20558150214aa2b85a
Sha1:   ad1dfbefad9a21e48aeeac1bae9f8a5b8ea1ef3c
Sha256: 6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4682
Cache-Control: max-age=123906
Date: Wed, 30 Nov 2022 23:59:47 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:24:53 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: brazzers07.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://brazzers07.blogspot.com/search/label/galata%20k%C3%B6pr%C3%BCs%C3%BCnde%20siki%C5%9F

search
                                         172.217.21.161
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
                                        
Expires: Wed, 30 Nov 2022 23:59:47 GMT
Date: Wed, 30 Nov 2022 23:59:47 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 18 Apr 2020 07:01:03 GMT
ETag: W/"5a2d67c5b5c5aae028b8b81ee09e11a122e0386537ba7f319db9f730f4b2ce5f"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size:   412
Md5:    501c61a70f5c41181aa050d9110909ca
Sha1:   5b985d5671a7caf686fdfb1df13488c4407f6c9f
Sha256: c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FPv0fNBf3HSxX6uNQzbMUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.149.156.115
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S3HzzhqYVZbCVOKjwuuhVnGfCv0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 23:59:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 23:59:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 23:59:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 23:59:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 23:59:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f924fdd-ce65-4f00-8153-3caef7c54e22.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5295
x-amzn-requestid: e9c096df-2dba-408c-b45a-d114755fa883
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzM0HmuoAMF4Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbeb-5808a0756f4180a0613cdbcd;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUjE1-vViTaS5s23OSlhLlxC597y0etgzMYGUdlqdpHBTK_ww5DEYA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 7829
etag: "b412d62d44993500b947a38e8e242d0c6d6b7588"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5295
Md5:    eb4b8985f697c1ff7753d3961fb4f67d
Sha1:   b412d62d44993500b947a38e8e242d0c6d6b7588
Sha256: 571c1543cd99b08e62438146f383bf48a9172ae377b4c17dbc6c8c58bdbb5803
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 07:44:22 GMT
age: 58527
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9613
Md5:    b92721cbe24623f1713a5248d6a7c1b2
Sha1:   3628390c62642dcc375b28f58c9b48180c4abd73
Sha256: 37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12655
x-amzn-requestid: beeeccd0-a494-4d0c-91e9-0d1e2ab37b6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YoFmMIAMFT4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-60f5e2286cf3965a42ab31b9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CiGOvF7Lmz8cICQcjUcE6QGokbAIAd3WClI4PK_aDSxo-yHVcPPA7w==
via: 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:29 GMT
age: 8060
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12655
Md5:    1039182464db1365a476dd88029b97d8
Sha1:   06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
Sha256: 2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4199
x-amzn-requestid: d7983896-c4a5-4133-9b0e-51ac412cf732
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZttXFcZIAMFmJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386f655-139cd6a82eaa934d5d411029;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 06:21:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 91_Pv2sUA4286BEZXTKFctgZOrzWy6VWFDGiUV3_p_QnyckRDFb-lw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:29 GMT
age: 7700
etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4199
Md5:    4fd5f7a9e04d27654062b3e18b8aecca
Sha1:   07fafbd614cdb49f20bceea29d5e684725d3bdf6
Sha256: 0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2150
x-amzn-requestid: 59ef9edf-d9c1-45d0-b084-adf8e2f0738d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cXQcKGPXoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385fab4-693e8d7d5632d48722e31757;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 12:27:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iO-jUNMNzAM6zHh1oEftgZcW18vxdgaFGpNe4a1WHU97pRMMuHIKaQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:51:49 GMT
age: 22080
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2150
Md5:    995eb3df7ec5507e3392fdb1ca6395b4
Sha1:   9bc2e9039e9340b83ffcfb90e4e2c631a8723e60
Sha256: 4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4409
x-amzn-requestid: dc9ccdbf-a051-49ce-a535-c100b8ee6f12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81EHdoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-0b06c368156b828e0c663081;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UsYYNMsulshDYcUC9N2Q3fnxjdZd5ki-0_LlXRchIsNSq0FruNhFqw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:09 GMT
age: 7900
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4409
Md5:    b8802d5080eb35e4052ef31cf7658650
Sha1:   1e78566f2e69268c5f753fb49112ab07aae3eccf
Sha256: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086