Report - geft-carrafour-sgin-in.blogspot.in/

Report Overview

Submitted URL
geft-carrafour-sgin-in.blogspot.in/
IP
142.250.74.65
ASN
#15169 GOOGLE
Submitted
2023-03-23 14:35:24
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
5
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	3.1 kB	6.3 kB	142.250.74.163
www.blogger.com	8975	2012-05-22T09:35:03Z	2023-03-29T07:43:42Z	845 B	66 kB	216.58.207.233
resources.blogblog.com	13274	2017-01-30T05:47:40Z	2023-03-29T07:53:37Z	424 B	48 kB	216.58.207.233
lh3.googleusercontent.com	66	2012-05-22T09:35:05Z	2023-03-29T05:20:57Z	468 B	1.3 kB	216.58.207.193
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	52 kB	34.120.237.76
oyeg76yhawcw1lcr.volatilewriter.com	unknown	2022-09-17T21:56:17Z	2023-03-24T09:35:32Z	3.6 kB	95 kB	204.11.56.48
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	35.81.224.51
geft-carrafour-sgin-in.blogspot.in	unknown	2023-02-04T05:14:45Z	2023-02-04T05:14:45Z	366 B	629 B	142.250.74.65
geft-carrafour-sgin-in.blogspot.com	unknown	2023-01-20T05:01:52Z	2023-03-29T16:53:59Z	1.3 kB	6.9 kB	142.250.74.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 14:35:26	low	204.11.56.48	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-23 14:35:28	low	204.11.56.48	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-23 14:35:28	low	204.11.56.48	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-23 14:35:29	low	204.11.56.48	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2023-03-23 14:35:30	low	204.11.56.48	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt	42 B	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 21:11:21 Times Seen11983 Hash 4aa1cafcdca484710d10c7d6d1a6a273 4f2007c15b663111205ce137bdd263e5345104e5 9ce013c35c35b5f4007d40c0d4fa366530f064cbaa91de6c01b3edfe4471b7f8 Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt	27 B	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 21:11:21 Times Seen11965 Hash 1a13337fc71dcb5b6fb8be5e40b05c66 8ca2b8e8b15ff416d1b6c557a767140c4c034243 e94f533b6c39b822e83695ecb11a193f5ba7a3a3f97c8136bd0bbef8436e48bf Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt	528 B	2023-03-29	2023-03-29
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:01:13 Last Seen2023-03-29 21:01:13 Times Seen1 Hash 22fac48649867421f6e8183049da9ca0 bbec6c8528b11f4274403f0a14221936bb1962eb 3efad4b9ae39ed3012bde357e2a0798368f3b085f12aa423fa42f4c9c16c7761 Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt	227 B	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:37 Last Seen2024-04-19 21:11:21 Times Seen11876 Hash 188f7666308742fb39f78319eeffac6b 30e2ed4b88881c18f5e93d6ab7bf1e581708260a 49203316dee4271f8246c461b34a6757e33008f09f85924ab5ac12235a9ef445 Loading...

	www.blogger.com/static/v1/widgets/3855953344-widgets.js	158 kB	2023-03-26	2023-03-29
Pretty URL www.blogger.com/static/v1/widgets/3855953344-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:20:56 Last Seen2023-03-29 23:33:31 Times Seen2075 Hash 75a8f7682cf319ea4e244986c983e933 b5cb588518185cb88908fca480fcbb78cb71f666 19d9c95c4d613f555ace1850597d7f58b8fd40bb0b12b2e3aa8e54892523329e Loading...

	geft-carrafour-sgin-in.blogspot.com/	275 B	2023-03-07	2024-04-19
Pretty URL geft-carrafour-sgin-in.blogspot.com/ IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-19 18:58:19 Times Seen57181 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt	8 B	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 21:11:20 Times Seen10754 Hash 883fa82f6169ed5ddd95e0c34cf36450 52fcfe1e375b542d4847a9c963bff266b98bfbc2 dca6253c1f2bdadb922b559c83bee52fbe1411e3a159adcb922ff3b45c623185 Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/__media__/js/min.js?v2.3	8.4 kB	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/__media__/js/min.js?v2.3 IP 204.11.56.48 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 21:11:21 Times Seen26085 Hash c16c3a4c0fad29106f34d00e89f6886e 6e11811ab8a98bb295b0916cdee68b302c33403d 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff Loading...

	resources.blogblog.com/blogblog/data/res/4268249124-indie_compiled.js	139 kB	2023-03-07	2024-04-03
Pretty URL resources.blogblog.com/blogblog/data/res/4268249124-indie_compiled.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:49:41 Last Seen2024-04-03 18:01:13 Times Seen331 Hash c9b7139c3f8f82e013aa992f753c03f4 0a4071be84cc34970421f0266a9db7ba55d7094c a8454fe2730c057837da9a6480eb7c575cef285637feac76542489382e8dbd60 Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/px.js?ch=1	346 B	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/px.js?ch=1 IP 204.11.56.48 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 21:11:21 Times Seen43381 Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 Loading...

	oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt	37 B	2023-03-07	2024-04-19
Pretty URL oyeg76yhawcw1lcr.volatilewriter.com/#/sdfsdfkewroidfosdkflwerwerlksdf/U2FsdGVkX18pEbjhXBBQ1SnTNCDOhWsOdp3ft2MROBAEdQqLt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 21:11:21 Times Seen12157 Hash fcd7b94e73a1f9cc8807da94baec6354 088ae01bf28379b61fd5a322034c8c618d3f2b23 0361577e582e091d8656bc3ffeeafc27c0607530e2000d55772674122d703253 Loading...

	geft-carrafour-sgin-in.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-19
Pretty URL geft-carrafour-sgin-in.blogspot.com/js/cookienotice.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-19 18:58:19 Times Seen113034 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	geft-carrafour-sgin-in.blogspot.com/	789 B	2023-03-07	2024-02-13
Pretty URL geft-carrafour-sgin-in.blogspot.com/ IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	geft-carrafour-sgin-in.blogspot.com/	6.7 kB	2023-03-29	2023-03-29
Pretty URL geft-carrafour-sgin-in.blogspot.com/ IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:01:13 Last Seen2023-03-29 21:01:13 Times Seen1 Hash 82ed4e15c5d02f8e2acaf161879f1012 4805563d797beaa1ab66b6bc1d52baadb1e4d4ea b7130d4ad924834b978ece098a846eb28ef45ede3161c2dcd6471cec96b949d7 Loading...

HTTP Transactions (44)

	URL	IP	Response	Size
	geft-carrafour-sgin-in.blogspot.in/	142.250.74.65	302 Moved Temporarily	188 B
URL HTTP/1.1 geft-carrafour-sgin-in.blogspot.in/ IP 142.250.74.65:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text Size 188 B (188 bytes) Hash d6c8b821834b045f9a7c167f4283dd6a c0d8849ef7514f5363f9540636df944d7e8a15c3 b8e3126479c5862f07758be7b9caab2c580956e8bdc3a35bd0c1ead7d229fd0e HTTP Headers `GET / HTTP/1.1 Host: geft-carrafour-sgin-in.blogspot.in User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Moved Temporarily Location: http://geft-carrafour-sgin-in.blogspot.com/ Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Date: Thu, 23 Mar 2023 14:35:14 GMT Expires: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 188 Server: GSE`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2994 Expires: Thu, 23 Mar 2023 15:25:08 GMT Date: Thu, 23 Mar 2023 14:35:14 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 210a2a42cfc4f4aced144f5de9babcc6 ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db 59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16887 Expires: Thu, 23 Mar 2023 19:16:41 GMT Date: Thu, 23 Mar 2023 14:35:14 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 14:15:06 GMT content-type: application/json age: 1208 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 51a5d4696a6090c295850554508b51ce c44e143c2223546e64b19f543b8101aaf3b11e97 8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4516 Expires: Thu, 23 Mar 2023 15:50:30 GMT Date: Thu, 23 Mar 2023 14:35:14 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: LHznYlmv30TsKX+hJYNen/vTJeyfUUIZir3KgjfEDnIJbfhZ/Q1vy3J0Neniq1Te5Eo5b12hO2Y= x-amz-request-id: 2JGST6H0DWQ7FFSK x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 13:54:04 GMT age: 2470 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 23 Mar 2023 14:35:14 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	geft-carrafour-sgin-in.blogspot.com/	142.250.74.65	301 Moved Permanently	189 B
URL HTTP/1.1 geft-carrafour-sgin-in.blogspot.com/ IP 142.250.74.65:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text Size 189 B (189 bytes) Hash 8d76bf3773afdba3fadfa3b5fa933cff 9e1901f22b62ad47c19634116c9ccef82ebeb949 e43f220d0621758ca22f44296a66d6614faa36c5050fac636553fdea2da2409d HTTP Headers `GET / HTTP/1.1 Host: geft-carrafour-sgin-in.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Location: https://geft-carrafour-sgin-in.blogspot.com/ Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Date: Thu, 23 Mar 2023 14:35:14 GMT Expires: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 189 Server: GSE`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 8c86964b28f43a92b6a544c2f0e31717 e047ad123e6d83c6f9b61b74bb8cbd2e57a00426 47f0425a9f6bb6dec60947135754264382a7c6ae206283f371814737fea1e7e7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 14:17:23 GMT age: 1071 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	geft-carrafour-sgin-in.blogspot.com/	142.250.74.65	200 OK	3.1 kB
URL HTTP/2 geft-carrafour-sgin-in.blogspot.com/ IP 142.250.74.65:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6502) Size 3.1 kB (3094 bytes) Hash 92b2dadb723c59f98e4eff545d538195 b5bb610422124d24fabe53868012b1256e080e89 bdeeaa8ed2c62ddff797c02668cc25b99c47a50e85cf4070a70945ac0a44dc46 HTTP Headers `GET / HTTP/1.1 Host: geft-carrafour-sgin-in.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK content-type: text/html; charset=UTF-8 expires: Thu, 23 Mar 2023 14:35:14 GMT date: Thu, 23 Mar 2023 14:35:14 GMT cache-control: private, max-age=0 last-modified: Sun, 09 Oct 2022 23:36:17 GMT etag: W/"ab541c9f16514e2f2e45b1d06df1289e12394382ba0fdeaf27e1b80055b56b47" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 3094 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 8c86964b28f43a92b6a544c2f0e31717 e047ad123e6d83c6f9b61b74bb8cbd2e57a00426 47f0425a9f6bb6dec60947135754264382a7c6ae206283f371814737fea1e7e7 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	geft-carrafour-sgin-in.blogspot.com/js/cookienotice.js	142.250.74.65	200 OK	2.0 kB
URL HTTP/2 geft-carrafour-sgin-in.blogspot.com/js/cookienotice.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type ASCII text Size 2.0 kB (2026 bytes) Hash c4e1ed83d89245089b8a1203be20a377 f3940e1215b89300ef97d57a25993f25243b8688 afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2 HTTP Headers `GET /js/cookienotice.js HTTP/1.1 Host: geft-carrafour-sgin-in.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://geft-carrafour-sgin-in.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 2026 date: Thu, 23 Mar 2023 14:35:14 GMT expires: Thu, 30 Mar 2023 14:35:14 GMT cache-control: public, max-age=604800 last-modified: Thu, 23 Mar 2023 12:49:32 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 18b877ebbad1529e4bd91e12220d91c4 a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc 7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17671 Expires: Thu, 23 Mar 2023 19:29:45 GMT Date: Thu, 23 Mar 2023 14:35:14 GMT Connection: keep-alive`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 174f723df8024405abb4e4ba0d5181f9 c3c19bb95f602859bdb2defbda6dd886ba6f41f8 c66d51b4622cb493e3814e03d69d20f6633b8d9b057ac501bfa4802cb5ad09bd HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 980fdb160191050671abe681e7aba45d 81d25de29530d06e7d06c312aa317a17bd048fe9 ec13be89cf3b6a4b49b91e09dd628af73020a038fb84ef1137c1d631560afe59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 980fdb160191050671abe681e7aba45d 81d25de29530d06e7d06c312aa317a17bd048fe9 ec13be89cf3b6a4b49b91e09dd628af73020a038fb84ef1137c1d631560afe59 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:14 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.blogger.com/static/v1/widgets/2504215749-css_bundle_v2_rtl.css	216.58.207.233	200 OK	7.8 kB
URL HTTP/2 www.blogger.com/static/v1/widgets/2504215749-css_bundle_v2_rtl.css IP 216.58.207.233:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (35994) Size 7.8 kB (7780 bytes) Hash 80ce34d529819878a4a26584e8eec719 34e44bf7d3e11ab0ee1faf2cc5d2c7f7b9f053e2 625e3271a91189e54e12bd29994e693f26d45d83de700ce5e7b3db033fd1606f HTTP Headers `GET /static/v1/widgets/2504215749-css_bundle_v2_rtl.css HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://geft-carrafour-sgin-in.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 7780 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 23:04:20 GMT expires: Thu, 21 Mar 2024 23:04:20 GMT cache-control: public, max-age=31536000 last-modified: Wed, 22 Mar 2023 22:54:41 GMT content-type: text/css vary: Accept-Encoding age: 55854 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.blogger.com/static/v1/widgets/3855953344-widgets.js	216.58.207.233	200 OK	57 kB
URL HTTP/2 www.blogger.com/static/v1/widgets/3855953344-widgets.js IP 216.58.207.233:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2221) Size 57 kB (56913 bytes) Hash 0b4fa1144018f3ac4c94ef3025feddba bfb265fb34cf2ddf45913b8d4d21005da524c70e 059211c83ff1b35abf766cb0ad462b1cd9737aef054b04da279b6261d448e869 HTTP Headers `GET /static/v1/widgets/3855953344-widgets.js HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://geft-carrafour-sgin-in.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 56913 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 22:29:05 GMT expires: Thu, 21 Mar 2024 22:29:05 GMT cache-control: public, max-age=31536000 last-modified: Tue, 21 Mar 2023 22:29:47 GMT content-type: text/javascript vary: Accept-Encoding age: 57970 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	resources.blogblog.com/blogblog/data/res/4268249124-indie_compiled.js	216.58.207.233	200 OK	48 kB
URL HTTP/2 resources.blogblog.com/blogblog/data/res/4268249124-indie_compiled.js IP 216.58.207.233:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1797) Size 48 kB (47754 bytes) Hash 583873badee5b48683f8fb0d4178706b 6e8b1b7f8070c7f63628d289fa8f1ecb8aa596da 8bd95cbb4bc7f95addb2758422f7900466bdd50e8b9441fca9830f5ba48561e8 HTTP Headers `GET /blogblog/data/res/4268249124-indie_compiled.js HTTP/1.1 Host: resources.blogblog.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://geft-carrafour-sgin-in.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 47754 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 23 Mar 2023 13:29:06 GMT expires: Thu, 30 Mar 2023 13:29:06 GMT cache-control: public, max-age=604800 last-modified: Thu, 03 Sep 2020 06:22:22 GMT content-type: text/javascript vary: Accept-Encoding age: 3969 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 174f723df8024405abb4e4ba0d5181f9 c3c19bb95f602859bdb2defbda6dd886ba6f41f8 c66d51b4622cb493e3814e03d69d20f6633b8d9b057ac501bfa4802cb5ad09bd HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 174f723df8024405abb4e4ba0d5181f9 c3c19bb95f602859bdb2defbda6dd886ba6f41f8 c66d51b4622cb493e3814e03d69d20f6633b8d9b057ac501bfa4802cb5ad09bd HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f2d9058a696bc3684e9116b15fef251b 8915ec6b4396539cdb639cb5abf1dd9a9762650c 886cd009bfce7f31c36e479c5fb443d8ae66bcd0a736043317c77ccb81809210 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	lh3.googleusercontent.com/zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35	216.58.207.193	403 Forbidden	1.0 kB
URL HTTP/2 lh3.googleusercontent.com/zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35 IP 216.58.207.193:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1621), with CRLF, LF line terminators Size 1.0 kB (1007 bytes) Hash cae7a6f541434e9aade0d1e55185ce56 b98946769871c1ff55726bd2383ebbe0445506a7 b3e63bb00c1b023967ec5e128046216c3adb0fead07dea0e5eef395ff5b8f40c HTTP Headers `GET /zFdxGE77vvD2w5xHy6jkVuElKv-U9_9qLkRYK8OnbDeJPtjSZ82UPq5w6hJ-SA=w35 HTTP/1.1 Host: lh3.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://geft-carrafour-sgin-in.blogspot.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 403 Forbidden content-type: text/html; charset=UTF-8 x-content-type-options: nosniff content-encoding: gzip date: Thu, 23 Mar 2023 14:35:15 GMT server: fife cache-control: private content-length: 1007 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	push.services.mozilla.com/	35.81.224.51	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.81.224.51:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 3ru086XO7hbqjg9CYCOU2A== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: bpfAJiQL7/PmEIcPL9eI9hdYrbU=`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f2d9058a696bc3684e9116b15fef251b 8915ec6b4396539cdb639cb5abf1dd9a9762650c 886cd009bfce7f31c36e479c5fb443d8ae66bcd0a736043317c77ccb81809210 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 14:35:15 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7293 Expires: Thu, 23 Mar 2023 16:36:49 GMT Date: Thu, 23 Mar 2023 14:35:16 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7293 Expires: Thu, 23 Mar 2023 16:36:49 GMT Date: Thu, 23 Mar 2023 14:35:16 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7293 Expires: Thu, 23 Mar 2023 16:36:49 GMT Date: Thu, 23 Mar 2023 14:35:16 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7293 Expires: Thu, 23 Mar 2023 16:36:49 GMT Date: Thu, 23 Mar 2023 14:35:16 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM69eHE3IAMF0Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 06:24:31 GMT age: 29445 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg	34.120.237.76	200 OK	6.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.7 kB (6692 bytes) Hash c05bfdf1411a931d8ea9adc64b07bc74 156ef59e53564a4f2b27002b2695fafecd578d82 15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6692 x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM9d9FcOoAMFaFQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:34 GMT age: 60702 etag: "156ef59e53564a4f2b27002b2695fafecd578d82" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10284 bytes) Hash 4e89d0b1281259e7399294fb5fa19d2b 5035ed41f497c97faefae9cdaf42dc07ab468557 f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10284 x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM6hjEqtIAMFvXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 07:32:23 GMT age: 25373 etag: "5035ed41f497c97faefae9cdaf42dc07ab468557" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg	34.120.237.76	200 OK	4.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.9 kB (4912 bytes) Hash f4a771935927950222124e14b56046df d07fe53e4ac41048497b2732c017f6666c3eda9e 4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4912 x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8H3Fl1IAMFYgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:33 GMT etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e" content-type: image/jpeg age: 60703 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7424 bytes) Hash 05c7970e81559904d05b6e8cf693f085 709b01a360624eceafb1876f56378824aa4936b3 a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7424 x-amzn-requestid: 4d4097db-ae95-4a34-8f92-a56c29e836e2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CENb6FKDoAMF_cg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6417f5e5-772b562b3176f7ca0740db72;Sampled=0 x-amzn-remapped-date: Mon, 20 Mar 2023 05:57:57 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: d_lhTrmtXesTfnCpReJoiiv68EudX-RCSzr3fwqOe3ouJv-M0IOLtw== via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:22 GMT age: 60714 etag: "709b01a360624eceafb1876f56378824aa4936b3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10480 bytes) Hash 6f0b9e85381489dcf646c251722b21d4 5f7ea91288a2170bcabdca6be296718c4191eacd 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 22:09:40 GMT age: 59136 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	oyeg76yhawcw1lcr.volatilewriter.com/	204.11.56.48	200 OK	31 kB
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/ IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4340), with CRLF, LF line terminators Size 31 kB (31168 bytes) Hash 9b70d144dc737b89c8c541f33ddc29ee bd76ee66048460047cd666bf23d3721d59d3f3c5 cf09c499fc562d127d0e06ecbcb53bea6d790fa3474c2aa3275e4d754c5c5579 HTTP Headers `GET / HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://geft-carrafour-sgin-in.blogspot.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_DlwimcPYrVhCsMLtsGAKmpcmf9zxe8Ry4r+0KjFB+psV9NBKsuilVlB0USXCb9WVrWkBo4WdT2F6txxy9syzMQ==`

	oyeg76yhawcw1lcr.volatilewriter.com/px.js?ch=1	204.11.56.48	200 OK	346 B
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/px.js?ch=1 IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type ASCII text, with very long lines (346), with no line terminators Size 346 B (346 bytes) Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 HTTP Headers `GET /px.js?ch=1 HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:18 GMT Content-Type: application/javascript Content-Length: 346 Connection: keep-alive Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT ETag: "15a-5b952a63b81f1" Accept-Ranges: bytes`

	oyeg76yhawcw1lcr.volatilewriter.com/__media__/js/min.js?v2.3	204.11.56.48	200 OK	8.4 kB
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/__media__/js/min.js?v2.3 IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type ASCII text, with very long lines (8349), with CRLF line terminators Size 8.4 kB (8435 bytes) Hash c16c3a4c0fad29106f34d00e89f6886e 6e11811ab8a98bb295b0916cdee68b302c33403d 097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff HTTP Headers `GET /__media__/js/min.js?v2.3 HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:18 GMT Content-Type: application/javascript Content-Length: 8435 Connection: keep-alive Last-Modified: Thu, 16 Feb 2023 20:25:06 GMT ETag: "20f3-5f4d6fe19ffbc" Accept-Ranges: bytes`

	oyeg76yhawcw1lcr.volatilewriter.com/px.js?ch=2	204.11.56.48	200 OK	346 B
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/px.js?ch=2 IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type ASCII text, with very long lines (346), with no line terminators Size 346 B (346 bytes) Hash f84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584 HTTP Headers `GET /px.js?ch=2 HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:20 GMT Content-Type: application/javascript Content-Length: 346 Connection: keep-alive Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT ETag: "15a-5b952a63b81f1" Accept-Ranges: bytes`

	oyeg76yhawcw1lcr.volatilewriter.com/__media__/pics/29590/bg1.png	204.11.56.48	200 OK	18 kB
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/__media__/pics/29590/bg1.png IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data Size 18 kB (17986 bytes) Hash 825ccd29ac102fcadaf92b2343d5917b 24472e766cfac5b82a73b219796556a0a3702bd6 0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd HTTP Headers `GET /__media__/pics/29590/bg1.png HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:20 GMT Content-Type: image/png Content-Length: 17986 Connection: keep-alive Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT ETag: "4642-5ee4a7e31c9c9" Accept-Ranges: bytes`

	oyeg76yhawcw1lcr.volatilewriter.com/__media__/pics/28905/arrrow.png	204.11.56.48	200 OK	283 B
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/__media__/pics/28905/arrrow.png IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data Size 283 B (283 bytes) Hash 80d42c82a6c37da90210fd60a2f36128 554ba7c84d2a27ecf3b1f29d03e62101936b54d8 a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10 HTTP Headers `GET /__media__/pics/28905/arrrow.png HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:20 GMT Content-Type: image/png Content-Length: 283 Connection: keep-alive Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT ETag: "11b-5d4c2ac970ed9" Accept-Ranges: bytes`

	oyeg76yhawcw1lcr.volatilewriter.com/__media__/fonts/montserrat-regular/montserrat-regular.woff	204.11.56.48	200 OK	17 kB
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/__media__/fonts/montserrat-regular/montserrat-regular.woff IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type Web Open Font Format, TrueType, length 17264, version 2.1\012- data Size 17 kB (17264 bytes) Hash a43b107861b42ce1335e41e43d4e4d00 99bdb1cec4a68ebe29249c46fefefb6880d009e5 a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2 HTTP Headers `GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:20 GMT Content-Type: font/woff Content-Length: 17264 Connection: keep-alive Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT ETag: "4370-5b952a63d1833" Accept-Ranges: bytes`

	oyeg76yhawcw1lcr.volatilewriter.com/__media__/fonts/montserrat-bold/montserrat-bold.woff	204.11.56.48	200 OK	17 kB
URL HTTP/1.1 oyeg76yhawcw1lcr.volatilewriter.com/__media__/fonts/montserrat-bold/montserrat-bold.woff IP 204.11.56.48:0 ASN #19905 NEUSTAR-AS6 File type Web Open Font Format, TrueType, length 17312, version 2.1\012- data Size 17 kB (17312 bytes) Hash bebe201d813feaad85a3e66607d0da3a 28b049502afa8e9db5340c1a92400591b39870e8 58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b HTTP Headers `GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1 Host: oyeg76yhawcw1lcr.volatilewriter.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://oyeg76yhawcw1lcr.volatilewriter.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: openresty Date: Thu, 23 Mar 2023 14:35:20 GMT Content-Type: font/woff Content-Length: 17312 Connection: keep-alive Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT ETag: "43a0-5b952a63ce953" Accept-Ranges: bytes`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML