Overview

URL toosexyforwords.blogspot.co.at/
IP142.250.74.161
ASNGOOGLE
Location United States
Report completed2022-10-04 10:33:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 cdn.widgetserver.com/syndication/subscriber/InsertWidget.js Malware
2022-10-04 2 cdn.widgetserver.com/ Malware
2022-10-04 2 cdn.widgetserver.com/mtm/async/.eJxdjEsOwiAQhu_CshJwqTWexVCYUhLo4DC2GOPdBeP (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (29)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-10-04 09:46:17 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS www.blogger.com (4) 8975 2012-05-22 07:35:03 UTC 2022-10-04 07:16:09 UTC 216.58.207.201
mnemonic passive DNS 3.bp.blogspot.com (6) 11048 2013-07-04 04:18:40 UTC 2022-10-04 05:24:35 UTC 142.250.74.161
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-10-04 04:39:38 UTC 216.58.207.226
mnemonic passive DNS 4.bp.blogspot.com (2) 11215 2013-05-06 20:18:52 UTC 2022-10-04 05:34:15 UTC 142.250.74.161
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS cdn.widgetserver.com (4) 0 2012-05-22 02:51:28 UTC 2022-10-04 09:13:30 UTC 173.255.194.134 Domain (widgetserver.com) ranked at: 501429
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS img1.wsimg.com (4) 9893 2012-06-20 14:42:31 UTC 2022-10-04 08:15:15 UTC 23.36.79.16
mnemonic passive DNS postback.trafficmotor.com (2) 96726 2019-11-09 13:35:40 UTC 2022-10-04 04:17:46 UTC 45.79.38.145
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.25
mnemonic passive DNS toosexyforwords.blogspot.com (2) 0 2017-06-24 10:48:24 UTC 2017-06-24 10:48:24 UTC 142.250.74.161 Unknown ranking
mnemonic passive DNS www6.widgetserver.com (1) 0 2018-08-09 06:10:41 UTC 2022-10-03 20:09:22 UTC 35.186.238.101 Domain (widgetserver.com) ranked at: 501429
mnemonic passive DNS accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-10-04 05:16:29 UTC 216.58.207.237
mnemonic passive DNS cdn.widgetserver.com (4) 0 2012-05-22 02:51:28 UTC 2022-10-04 09:13:30 UTC 45.33.2.79 Domain (widgetserver.com) ranked at: 501429
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-04 04:25:35 UTC 142.250.74.164
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.27
mnemonic passive DNS toosexyforwords.blogspot.co.at (1) 0 No data No data 142.250.74.161 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 54.187.71.185
mnemonic passive DNS resources.blogblog.com (8) 13274 2017-01-30 04:47:40 UTC 2022-10-04 07:39:17 UTC 216.58.207.201
mnemonic passive DNS 2.bp.blogspot.com (6) 11071 2013-07-04 03:01:31 UTC 2022-10-04 05:34:15 UTC 142.250.74.161
mnemonic passive DNS api.aws.parking.godaddy.com (10) 36127 2020-03-23 21:33:37 UTC 2022-10-04 04:16:50 UTC 44.193.148.120
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS apis.google.com (3) 105 2013-05-30 23:17:44 UTC 2022-10-04 04:25:30 UTC 142.250.74.174
mnemonic passive DNS 1.bp.blogspot.com (6) 8403 2013-05-06 20:18:52 UTC 2022-10-04 07:16:09 UTC 142.250.74.161
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-10-04 04:40:22 UTC 192.124.249.41
mnemonic passive DNS partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-10-04 04:17:53 UTC 172.217.21.162


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161

Date UQ / IDS / BL URL IP
2022-12-04 15:56:39 +0000
0 - 0 - 3 peartreedigitaldesigns.blogspot.ca/search/lab (...) 142.250.74.161
2022-12-04 15:55:01 +0000
0 - 0 - 3 aflam-uk.blogspot.mx/search/label/Eating 142.250.74.161
2022-12-04 15:52:47 +0000
0 - 0 - 1 frentecomuncubano.blogspot.com/search/label/G (...) 142.250.74.161
2022-12-04 15:52:45 +0000
0 - 0 - 2 frentecomuncubano.blogspot.com/search/label/G (...) 142.250.74.161
2022-12-04 15:52:33 +0000
0 - 0 - 3 frentecomuncubano.blogspot.fr/search/label/Gu (...) 142.250.74.161

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-04 16:22:34 +0000
0 - 0 - 6 jeraldbednar.blogspot.com/2022/08/gambar-oran (...) 172.217.21.161
2022-12-04 16:20:40 +0000
0 - 0 - 6 pensiliaa.blogspot.com/2022/03/free-printable (...) 172.217.21.161
2022-12-04 16:19:34 +0000
0 - 0 - 2 hotartisindia.blogspot.com/2011/12/selena-gom (...) 172.217.21.161
2022-12-04 16:19:07 +0000
0 - 0 - 1 yourvaccinestudy.com/ 34.102.136.180
2022-12-04 16:13:48 +0000
0 - 0 - 6 whats-app-clone--oreolad2.repl.co/ 34.149.204.188

Last 1 reports on domain: toosexyforwords.blogspot.co.at

Date UQ / IDS / BL URL IP
2022-10-04 10:33:01 +0000
0 - 0 - 3 toosexyforwords.blogspot.co.at/ 142.250.74.161

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-10 19:36:01 +0000
0 - 0 - 3 dog--lover.blogspot.li/ 142.250.74.161
2022-10-22 15:27:50 +0000
0 - 0 - 1 blognyanessiamegawati.blogspot.com/2009/04/pa (...) 142.250.74.161
2022-10-22 15:27:11 +0000
0 - 0 - 2 whatsabackpacker.blogspot.com/2009/10/most-fa (...) 142.250.74.161
2022-10-16 03:25:18 +0000
0 - 0 - 5 guidetoline.blogspot.com/search/label/s 142.250.74.161
2022-10-07 23:32:31 +0000
0 - 0 - 3 putriputrikurniasih.blogspot.com/ 142.250.74.161


JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (99)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 09:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gVDvWyjGhkidbw7q45gy6coSPnleFc0vG4wkrLjeeAw8kDZ3_JrSrQ==
Age: 2746


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5424
Expires: Tue, 04 Oct 2022 12:03:14 GMT
Date: Tue, 04 Oct 2022 10:32:50 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VlDJjdpjbT4zlg3Xtp3q2ZxmYp3avLhTG1qKk29P6_WN2Vowl2usRg==
age: 18263
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET / HTTP/1.1 
Host: toosexyforwords.blogspot.co.at
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://toosexyforwords.blogspot.com/
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 10:32:50 GMT
Expires: Tue, 04 Oct 2022 10:32:50 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   182
Md5:    95a9b78f9c3f039c1b28f6f34c5960ec
Sha1:   04804b6b88259fe30f7a87f67a52495d397861a3
Sha256: 9b32fa8cb73063ae73e4b1dbb67f105c9515f768bfd6e0370a14c1967429e1e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 10:32:50 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 10:29:33 GMT
Expires: Tue, 04 Oct 2022 11:17:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2b25At6qMnCgAg27_q1VoVuXBORZG9LHjG_yFi9SWTfVk1og9R6eXQ==
Age: 197


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 603
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 10:32:51 GMT
Last-Modified: Tue, 04 Oct 2022 10:22:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: toosexyforwords.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Tue, 04 Oct 2022 10:32:51 GMT
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 13 Dec 2021 03:28:02 GMT
ETag: W/"f687665f3cf8047a1d8173a61eb8ee4e6d27576801db597dba49e798994add5e"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 24453
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1495)
Size:   24453
Md5:    43ec7916a7e917ae7785ac6849ec549d
Sha1:   73e4e3a43060e9d866a4406aee35cc6cd412f291
Sha256: 05f0129d028bacbf1bae4c8cc6b294f74a5c8cd52653f7df14ca50fd54cf01d2
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FDXcU4zlnaS2ciTU6V/N3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xLFHbGdnPfpsTjn3m7H3Le3IYNw=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: toosexyforwords.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Tue, 11 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 04 Oct 2022 09:10:01 GMT
Age: 23


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:39:06 GMT
expires: Sun, 01 Oct 2023 12:39:06 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
age: 251625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35959)
Size:   7776
Md5:    5aa2d3297bdc86bc81322aedecbb5e79
Sha1:   1c0a3c007e41726e167e79b70ddea76198650884
Sha256: feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 19:52:13 GMT
expires: Sat, 08 Oct 2022 19:52:13 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
age: 225638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET /img/widgets/arrow_dropdown.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 17:07:09 GMT
expires: Sat, 08 Oct 2022 17:07:09 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
age: 235542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 13 x 10\012- data
Size:   141
Md5:    2964a07d60a4e76b299130fb1b4115f6
Sha1:   3b72dcc19f3ad685513eaba612e07e0ed495f2e1
Sha256: 28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
                                        
                                            GET /static/v1/widgets/792789798-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 02:15:20 GMT
expires: Tue, 03 Oct 2023 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 00:49:27 GMT
age: 116251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56804
Md5:    02e6bf311e18828a522b4d3a4079084f
Sha1:   a63cd373fa23b4fe11f938d57737e6bfa1ebe789
Sha256: 25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
                                        
                                            GET /img/widgets/subscribe-netvibes.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 11:47:52 GMT
expires: Sat, 08 Oct 2022 11:47:52 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 14:51:29 GMT
age: 254699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Size:   1445
Md5:    c52a5f4ecb6be5d7e93b23ef4122ee4e
Sha1:   4e698a5f455daf3a8ea1e219b1998079f0546716
Sha256: 71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
                                        
                                            GET /img/icon18_email.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 13:30:41 GMT
expires: Sat, 08 Oct 2022 13:30:41 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
age: 248530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 13\012- data
Size:   164
Md5:    36b9f993db1b953f3b9b08040aaf9af4
Sha1:   18248661b307586dc291fd2dff4bb59cf7579475
Sha256: 1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
                                        
                                            GET /-t3YLAex0sco/UfkbmqTBXMI/AAAAAAAAAP0/yPnP_P-ikvM/s320/042913306.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="042913306.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 30702
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vfe"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 288x320, components 3\012- data
Size:   30702
Md5:    a768b0972fae50271429638b2e6a3eb0
Sha1:   0180c70b6401a274ffd121e592cef85d5a3cefb2
Sha256: 865e4eee4d61f8fbbfdb875e7f45484c8e7106d16ab29a5b46c102fa88635993
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 04 Oct 2022 10:32:51 GMT
expires: Tue, 04 Oct 2022 10:32:51 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1277)
Size:   20361
Md5:    b5a31516be83fe4f962609045d824f88
Sha1:   939a49a9858bf23561279f9ca2d1941d3256c66f
Sha256: edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
                                        
                                            GET /img/icon_feed12.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 09:06:36 GMT
expires: Sat, 08 Oct 2022 09:06:36 GMT
cache-control: public, max-age=604800
last-modified: Sat, 01 Oct 2022 07:51:36 GMT
age: 264375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Size:   500
Md5:    44e7355a788fd1082deff0018883758e
Sha1:   50e3a28a44978e85d13c30522e0c71c8d0b24675
Sha256: 3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
                                        
                                            GET /-eK1tFcpKBs8/Ufkbf4h9e4I/AAAAAAAAAPk/N0vBdshLGFk/s320/042713215.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="042713215.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 32216
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vfa"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 293x320, components 3\012- data
Size:   32216
Md5:    0b69adc38b4bfbc04cde917f79bdd3e7
Sha1:   edd171161c887fb5764ae75cf56f11354c84e094
Sha256: 3d1282d02957660e39d7e0332dd4341750cbb55c1efb478a93152940c4d34166
                                        
                                            GET /-N-8MRPZzbL0/UiNQIroO5bI/AAAAAAAAASQ/-tG5_zHctaE/s320/MVI_9543a.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_9543a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 19422
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v125"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   19422
Md5:    a09837187a8a3c2a1642478dec669afd
Sha1:   0dd0a7851b7d1cfc8b9e7d0bd7cdf24a2808119f
Sha256: c0a9a7b1268746d4f9d89e87ba30d761d7f03744896b3b9d2eb23160de7033dc
                                        
                                            GET /-X81odDyZ8WY/TrYcTd9k_lI/AAAAAAAAAFs/EIKxQ8FcRww/s840/All%2Bcovers.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="All covers.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 94779
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v146"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 840x382, components 3\012- data
Size:   94779
Md5:    8e65f8f22ed1be334dca936bf5aecfdd
Sha1:   7711a7c3db5b3413f9fb32ddc0cc9d16deb53e36
Sha256: 8d3e860c140a436e01d34e2a5f42914eac0ae54cd2e2ae32f75dae26bb3c4d9d
                                        
                                            GET /-YtoennbnYDc/UjXCwRYOdfI/AAAAAAAAATo/xkBWNWi2qEY/s320/MVI_1223a.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_1223a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 16699
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v13b"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x256, components 3\012- data
Size:   16699
Md5:    51a77979b221b60014c0fda4de2990c4
Sha1:   84161a2e4ad041019cea02d6cb21bb546bb9f083
Sha256: 0dc597a116b37a97bf62898dcb20a532c9c2b0feee34baad1b83684dc1a1baa8
                                        
                                            GET /-xPSKR5Nl210/UiNP3VXPIrI/AAAAAAAAARw/HzdLa3dpInU/s320/jf.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="jf.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 30829
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11d"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 249x320, components 3\012- data
Size:   30829
Md5:    d441a709b7201b7d3bf7f635e289aedd
Sha1:   4fd5fc82ddc5491e5c94d295fe1c562db90a12be
Sha256: fe34eb1c04a570d1241f351e8ce723c3978c30685e2729dccb25c9d27cd82839
                                        
                                            GET /-_1v5vG9Re_0/UiNQFB6CP5I/AAAAAAAAASI/KEt9X8UHiQ8/s320/MVI_1223a.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_1223a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 11384
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v123"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x234, components 3\012- data
Size:   11384
Md5:    64fced3f731f3b1f1ed9d971f6623e34
Sha1:   55f1005db571c67b7399d6447e7c5c026cddab04
Sha256: c41bb6073dfdf508f9d8a95f4162c639084232c2ec614e6f29069f80300ff4e9
                                        
                                            GET /-KyPM6sFusA8/UjXCZ8a5pqI/AAAAAAAAASw/lxZo7ZYDzIE/s320/3.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="3.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 15499
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v12d"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x235, components 3\012- data
Size:   15499
Md5:    8c0f611a229567a8c041dcfa366cf08b
Sha1:   3b85131275b3cd39e10dd04964bb2c9ebc426cde
Sha256: 9a1099e40a9abbfd73ba9b7926321e2f156b97d5cb1f92016846a0899be9505a
                                        
                                            GET /-wwwQEraY-k4/UiNQN-hlfyI/AAAAAAAAASY/clEiapzlLxs/s320/MVI_9734e.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_9734e.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 19577
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v127"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x298, components 3\012- data
Size:   19577
Md5:    204bba7d342a02160332f15d9ca41dfb
Sha1:   2651fc04d29b5552aff23d491193a9d711887259
Sha256: 670772f4f8b82a7b38a80c6dde77221cab7b1d34f0c98bb631823d7893959c65
                                        
                                            GET /-OXoxWppfsiE/UjXCdL9IJyI/AAAAAAAAAS4/YRE3s7bsxzQ/s320/4.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="4.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 14038
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v12f"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x177, components 3\012- data
Size:   14038
Md5:    279ec2d53aa77e5671340ffb372dac34
Sha1:   8e42886d6fa760f3c399c484dbf2c7d747d74480
Sha256: afc43a34a70a10f1be542947083a8c7fd42fa925058673af91be25d744c88729
                                        
                                            GET /-OHUAEFnddFM/UjXCsvSyesI/AAAAAAAAATg/nlD5yGF7WA4/s320/IMG_4677.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="IMG_4677.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 20224
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v139"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   20224
Md5:    94499f87413ae8f2f3b6b33d2aa64cdf
Sha1:   197ed653d6fbeb463660bef2447e4c3c806f572b
Sha256: 964b9174af21d668fcd13c6432ce3c682c71dbc19b0e069479d09197ac41717b
                                        
                                            GET /-swqFdlgpbz4/UjXC2itFwGI/AAAAAAAAAT4/jI6Dp0VL-J4/s320/MVI_9000j.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_9000j.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 17826
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v13f"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   17826
Md5:    ef9285616130fbbe0a7cc08f636f1f13
Sha1:   d6a3a87b4202bdbec8da03f0f541e472cf4b70bd
Sha256: 375526fc7ebd1a66e47d096c707e6124dbf044bfc770970fbecef07a9dd8f498
                                        
                                            GET /-IVNObjkfQuk/UjXCzeiHz_I/AAAAAAAAATw/9GeNrV1JUX0/s320/MVI_1458d.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_1458d.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 18538
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v13d"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x259, components 3\012- data
Size:   18538
Md5:    801792f3ef4f90ad50fff10b8c5ef802
Sha1:   cd0cf81f266e4bafbacc036a717da9276aa517a9
Sha256: 6d699b4d934d6716d3ff5ae9ed6693a7eb08729d333f3f15dd594272e76856c7
                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 07:25:42 GMT
expires: Mon, 02 Oct 2023 07:25:42 GMT
cache-control: public, max-age=31536000
age: 184029
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57995
Md5:    d70fcc84d705c565b31a5835c0938d5b
Sha1:   d28e5dc9fcc6239d67986df3205468072023d2d7
Sha256: 1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
                                        
                                            GET /-QzqDJOmBONk/UcEBpDALKbI/AAAAAAAAAPI/ACUTr0EqBDI/s320/securedownload+(5).jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="securedownload (5).jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 22906
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vf3"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 320x204, components 3\012- data
Size:   22906
Md5:    ec6cea9c14654299c30ac53941dfa881
Sha1:   32228e7be11462b44977bad3018bcf858089f5af
Sha256: f01e63a74782fc947db0eec8507291ea7b187d65013b4e1f6a0cd336cd97ccb9
                                        
                                            GET /-cSNZKRAmze4/UcEBklnoRoI/AAAAAAAAAPA/u8hBHj1Eras/s320/securedownload+(4).jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="securedownload (4).jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 19306
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vf1"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 320x144, components 3\012- data
Size:   19306
Md5:    9faaeb1297873d21d113531a1e96261b
Sha1:   386611acb5d4131934cb90e4007eece8371f23b2
Sha256: 6a80539d080a0ccbb37c627d8889310c72948b8f94a447774453b042aff1e942
                                        
                                            GET /img/share_buttons_20_3.png HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:14:19 GMT
expires: Sat, 08 Oct 2022 07:14:19 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
age: 271112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   5080
Md5:    ad9999106d5f550920b586e8e1704e5a
Sha1:   93fd02c51166402a41f96509cd0ca3fb917877dd
Sha256: 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
                                        
                                            GET /img/widgets/s_top.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 335
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 22:19:40 GMT
expires: Sat, 08 Oct 2022 22:19:40 GMT
cache-control: public, max-age=604800
last-modified: Sat, 01 Oct 2022 20:50:33 GMT
age: 216791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 144 x 400, 4-bit colormap, non-interlaced\012- data
Size:   335
Md5:    c4908f4189f7698dc8afdd67df8ce041
Sha1:   b6f7cd64ff84e7cedb4b8b92ceb8b9800ad7624a
Sha256: cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Mon, 03 Oct 2022 20:51:15 GMT
Expires: Mon, 17 Oct 2022 20:51:15 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 49296


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            GET /img/widgets/s_bottom.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:07:01 GMT
expires: Sat, 08 Oct 2022 03:07:01 GMT
cache-control: public, max-age=604800
last-modified: Sat, 01 Oct 2022 01:07:16 GMT
age: 285950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 144 x 3, 4-bit colormap, non-interlaced\012- data
Size:   172
Md5:    a9bbd1bf495055e06e61aec7f8c1b6c4
Sha1:   491c1a006da8a9eea4f3d1bb27e5815ab66a9f45
Sha256: 91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
                                        
                                            GET /-f7chcdfJXtI/UfkbsvwlmBI/AAAAAAAAAQE/JWl7pQoZjVY/s320/0607131134.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="0607131134.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 22044
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v102"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 239x320, components 3\012- data
Size:   22044
Md5:    d40808e26ca443f2221055ebcefb9cad
Sha1:   69fe331a92501b66ade6d7b624a75e906ee5f7ff
Sha256: 1f659a5a7d25792f2083e7f9024e7b57e325a3bfaeaa53b09b8dff944245329d
                                        
                                            GET /-ZwvKNQsk6yA/UfkbjgZQglI/AAAAAAAAAPs/ILsClGUiEd8/s320/042913303.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="042913303.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 33011
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vfc"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x213, components 3\012- data
Size:   33011
Md5:    d10aafddc6059ba70a2088f8f326f78f
Sha1:   6333ca880019ff02a72353e3c24b1759de4c7ac7
Sha256: b7c74888484cf0b10381f28bec4fcaf8e49f8bf478ad00f9bcf38e25bc39982b
                                        
                                            GET /-sUAIEy_ZHqs/UcEBr45yWhI/AAAAAAAAAPQ/Hb3RHKEkNDs/s320/securedownload+(6).jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="securedownload (6).jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 37690
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vf5"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 217x320, components 3\012- data
Size:   37690
Md5:    968f7fedfd48b4166d70b142d99bdb0d
Sha1:   0b36414a59d10ff966d9661dfd06cec5cfec70bc
Sha256: f06dc3ae57554e31810bfcae3e718e775e371ab214b4e4cb53db418488eef9cc
                                        
                                            GET /-nofOed0e_IM/UiNP-_XXMvI/AAAAAAAAASA/yIY0xzqoTe8/s320/MVI_0842c.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MVI_0842c.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10298
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v121"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   10298
Md5:    b3b376d0decad8ffe5d777382a03be6f
Sha1:   ea45b21ee6d7ebc8efcfd2837f82d2e9c2389f88
Sha256: d6ef22fbb037ed3f0147f1c8778d513dd11dcf506ccaed363a391a58da5b90fe
                                        
                                            GET /-X-bPabIGKvs/UiNPYZT51GI/AAAAAAAAAQo/2D_X8LFUPyQ/s320/5a.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="5a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13106
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 10:32:28 GMT
Expires: Wed, 05 Oct 2022 10:32:28 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v10b"
Age: 23


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 308x320, components 3\012- data
Size:   13106
Md5:    d30a66f2f0d22a759296abe92fa316f7
Sha1:   97189ba80391d7509148b285fae526c6773a0294
Sha256: 86b7c1b91a612bc53d4072eaaeb7ce925686ec1c94c68877ba94efbd85579b86
                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 12103
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:22:47 GMT
expires: Sun, 01 Oct 2023 04:22:47 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
age: 281404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (536)
Size:   12103
Md5:    e4fb51c04ea660686e6550b82c1a18ca
Sha1:   a58d0f29017553ee017db3ff88682c046481baf6
Sha256: 9d1a0929c0bad4402483d5fa706f3433a06414cd5514a3cd48ae6c4a1b61f8cc
                                        
                                            GET /syndication/subscriber/InsertWidget.js HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/

                                         
                                         173.255.194.134
HTTP/1.1 200 OK
content-type: application/javascript
                                        
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 10:32:51 GMT
content-length: 157
last-modified: Fri, 09 Mar 2018 19:33:30 GMT
etag: "5aa2e18a-9d"
accept-ranges: bytes
connection: close


--- Additional Info ---
Magic:  ASCII text
Size:   157
Md5:    67e216a27dda24bdcb086c2385b0cb99
Sha1:   17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
Sha256: 9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 33850
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 10:18:30 GMT
expires: Tue, 04 Oct 2022 11:08:30 GMT
cache-control: public, max-age=3000
last-modified: Thu, 29 Sep 2022 21:00:43 GMT
age: 862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2800)
Size:   33850
Md5:    3d5823c8d54c6fbfa1c2111ad8b5e177
Sha1:   2df748e9879f3f9b8dcf4104d5074b152881d37e
Sha256: b8e63d9f4ae8fff2900f481c5b9f813af7b74aed8cd9398049ce3cceb0afc629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /followers.g?blogID=6116713463870618879&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByMyMjIyMjJCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50&pageSize=21&origin=http://toosexyforwords.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D6116713463870618879%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByMyMjIyMjJCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://toosexyforwords.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D6116713463870618879%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByMyMjIyMjJCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://toosexyforwords.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
content-encoding: gzip
date: Tue, 04 Oct 2022 10:32:52 GMT
expires: Tue, 04 Oct 2022 10:32:52 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 529
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1028)
Size:   529
Md5:    9dc334c23d230654a01560ae31dde6cb
Sha1:   db67009b7598e6cd33561d8ca95fc6edb671f2d3
Sha256: ae7fd6199faff54b02cbd14e7b4dd16e91bcd878dbcde91477027cb6f88a420a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D6116713463870618879%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByMyMjIyMjJCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://toosexyforwords.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D6116713463870618879%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByMyMjIyMjJCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://toosexyforwords.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://toosexyforwords.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 10:32:52 GMT
location: https://www.blogger.com/followers.g?blogID=6116713463870618879&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMyMjIyMjIiByMyMjg4YmIqByNmZmZmZmYyByMwMDAwMDA6ByMyMjIyMjJCByMyMjg4YmJKByM5OTk5OTlSByMyMjg4YmJaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Ftoosexyforwords.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Mce30Gd9cbIcrewEtITKbw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 472
server: GSE
set-cookie: __Host-GAPS=1:Pp3e4XW3nh7pHYbfOF6D49_C9Zwgbg:LboZ7eZF_S--shGa;Path=/;Expires=Thu, 03-Oct-2024 10:32:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (507)
Size:   472
Md5:    3fb688a5af837b01a82145b150419575
Sha1:   4c68ac03212b0332343bafe541ebf68b30f43ac8
Sha256: 8fb886014a6e970b4a332a61910abc5591ddc651b5484e4dcb0fe87f13c14020
                                        
                                            GET / HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Upgrade-Insecure-Requests: 1

                                         
                                         45.33.2.79
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 10:32:52 GMT
content-length: 7182
vary: Accept-Language
content-language: en
connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (338)
Size:   7182
Md5:    5df0e80d476e4dd1264e9186df757b24
Sha1:   85aae50400b34b2216bbbc9708588d14288f284c
Sha256: 09b899584eb012ab4216d52d3222e81230dbc4d333e1a70801e1cda446d131db

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/

                                         
                                         45.33.2.79
HTTP/1.1 200 OK
content-type: image/gif
                                        
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 10:32:52 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /mtm/async/.eJxdjEsOwiAQhu_CshJwqTWexVCYUhLo4DC2GOPdBePK3fc_X-JBQYxCCykM-dKwEcEMBNTEwpxHrRmxQH3OSDuSK2qK6EtGVhZTny5Y-LaaBG1i3ar24DxwAdqAeqe_WwuZW85QWS-cojQ5x2ANB1x17c6h_rspXu7XozrLkIwHbbYw_3CHKctBD9_8JN4fl79F_w:1offEK:0t_HXBXlLblGQGohSn6AijvMPfk/1/0 HTTP/1.1 
Host: cdn.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn.widgetserver.com/
Connection: keep-alive

                                         
                                         45.33.2.79
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Tue, 04 Oct 2022 10:32:52 GMT
content-length: 321
x-mtm-path: 3
x-mtm-prov: 1:6.42;70:0.00
x-mtm-rd: 0.09
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJ3aWRnZXRzZXJ2ZXIuY29tIiwiaHR0cDovL3d3dzYud2lkZ2V0c2VydmVyLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTAmc190b2tlbj0xNjY0ODc5NTcyLjAxNDE0MzAwMDAmdXVpZD0xNjY0ODc5NTcyLjAxNDE0MzAwMDAmdGVybT1FdXJvcGUlMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJnRlcm09Tm9yd2F5JTIwRGVkaWNhdGVkJTIwU2VydmVycyZ0ZXJtPU9zbG8lMjBDb3VudHklMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJnRlcm09T3NsbyUyMERlZGljYXRlZCUyMFNlcnZlcnMmdGVybT1DdXN0b20lMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJnNlYXJjaGJveD0wJnNob3dEb21haW49MSZiYWNrZmlsbD0wIiwxLCIyMDIyLTEwLTA0IDEwOjMyOjUyIiwxLCIxNjY0ODc5NTcyLjAxNDE0MzAwMDAiLDcwLG51bGwsbnVsbF0:1offEK:kqtoATFZzCTYiu7dKeqeNzwlFWE; expires=Tue, 04-Oct-2022 11:32:52 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (321), with no line terminators
Size:   321
Md5:    841f845281089acb025b535b120a1eb2
Sha1:   7bf493ceee6a859c9e22a6fe8c397b51fdc842a6
Sha256: ca6e78c8dc9c99a8f7318d8d1792dfcffe64ce31b49cb145818fa8c20d59a726

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 10:32:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 10:32:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 10:32:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 10:32:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 10:32:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 45418
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 69u2trVvquFefzPFeOg_AuyzqQ6EBpY_ok9d9RXv71NE3TB_qELdtg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:24:09 GMT
age: 65323
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3430
Md5:    488ec5b4267ccb1cdc4e6e08556f7f3b
Sha1:   42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
Sha256: d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 43413
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 45351
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4151
Md5:    24a4a122273ef9f772852031eb13114a
Sha1:   c20f1fac9020eb4bd6c84583f73872979639b991
Sha256: 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:37:24 GMT
age: 42928
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8534
Md5:    f2287c489794dab0e9ba923a2057988f
Sha1:   2b9f6828a38da81b40dcad033572e48b4c5896db
Sha256: e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 45366
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1664879572.0141430000&uuid=1664879572.0141430000&term=Europe%20Dedicated%20Servers&term=Norway%20Dedicated%20Servers&term=Oslo%20County%20Dedicated%20Servers&term=Oslo%20Dedicated%20Servers&term=Custom%20Dedicated%20Servers&searchbox=0&showDomain=1&backfill=0 HTTP/1.1 
Host: www6.widgetserver.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1

                                         
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Tue, 04 Oct 2022 10:32:52 GMT
Content-Length: 2551
Last-Modified: Fri, 16 Sep 2022 16:45:53 GMT
ETag: "6324a841-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UU/Ne5F25rXq5kuOJrZjeNd6dWV5ECMtqzOTodPI3d7m0mil198rd2FrXbwFOkHTejPz4Q9IxJv7xtNRNB57EQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    41f66bb0ac50f2d851236170e7c71341
Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384
Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Ft4hH0fy+dFAnl68G4QyXJ3pS5VY+/K35zEViDI+w7z+sTosafl2fAW4g9NrUhyUgJ7JKbozLe8=
x-amz-request-id: FBDK3VS1K6HF0NCR
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 10:32:53 GMT
date: Tue, 04 Oct 2022 10:32:53 GMT
content-length: 135541
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65462)
Size:   135541
Md5:    ed301c77cb4cfefcf054b77502912c41
Sha1:   0139ede39adaa61fdae8dfb9c7f6f8600025599b
Sha256: 10ebdcf812a393d96af2bf99a2e5ddf8381f37b2fa85698c4c25e7c03350712c
                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y=
x-amz-request-id: Q5Y8PK0VHGD0XQRS
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 10:32:53 GMT
date: Tue, 04 Oct 2022 10:32:53 GMT
content-length: 58202
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65459)
Size:   58202
Md5:    feb46b3c6b7556a8bf123a5e87ffd2b5
Sha1:   aff2efba814012e9fe1586055599069f77e6a062
Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Tue, 04 Oct 2022 10:32:53 GMT
expires: Tue, 04 Oct 2022 10:32:53 GMT
cache-control: private, max-age=3600
etag: "4815563326027271404"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   56525
Md5:    6aea3aa7623d2fdada9fce9763edda4a
Sha1:   7b32d653965d211da0e2463c3eb5395d2265f365
Sha256: 9313150c9b76f7cf3e50b164ce11ee665b18e17a4b2d0cd8613aeb7ab4c9f469
                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT
If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.16
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 10:32:53 GMT
date: Tue, 04 Oct 2022 10:32:53 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT
If-None-Match: "87b518e8e45487e774f8d47f2dc0026f"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.16
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 10:32:53 GMT
date: Tue, 04 Oct 2022 10:32:53 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 10:32:53 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 04 Oct 2022 01:53:57 GMT
Expires: Wed, 05 Oct 2022 01:53:57 GMT
ETag: "694564a36f67f4053074952c3f208fb1191fadbf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    af72a96208d37bcc94092947b466d265
Sha1:   694564a36f67f4053074952c3f208fb1191fadbf
Sha256: dd6c52f7f7d2ab0089f1a081090600c1aa1d8eac8cadd19f8857f03a953163c8
                                        
                                            OPTIONS /v1/domains/domain?domain=www6.widgetserver.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

                                         
                                         44.193.148.120
HTTP/2 200 OK
                                        
date: Tue, 04 Oct 2022 10:32:53 GMT
content-length: 0
set-cookie: AWSALB=HxEK1lGM69LEgL2Xty/5cVQvPTmiZZNOKeybvul+illSRn5N9fhOMW6dBMOjTpV6T0hvKzHAKacY3j9LBk9ntGFXrHlp5X4tWvEnH3WhRwZ1JqR5Z+vCM5rzmOpx; Expires=Tue, 11 Oct 2022 10:32:53 GMT; Path=/ AWSALBCORS=HxEK1lGM69LEgL2Xty/5cVQvPTmiZZNOKeybvul+illSRn5N9fhOMW6dBMOjTpV6T0hvKzHAKacY3j9LBk9ntGFXrHlp5X4tWvEnH3WhRwZ1JqR5Z+vCM5rzmOpx; Expires=Tue, 11 Oct 2022 10:32:53 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.widgetserver.com
access-control-max-age: 600
x-request-id: NVdTGwob
X-Firefox-Spdy: h2

                                        
                                            GET /v1/domains/domain?domain=www6.widgetserver.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
X-Request-Id: d4cdbfc0-1025-4c61-a8e7-5c6e11d466ae
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 1018
set-cookie: AWSALB=UxzEfuM+cXlF6zLFeuICATtgV+PvVB3HKcLUfWjdoA/s0YKWtCUB25Ua9mYADJWK49ZqosBlG4OcsFXMdzGyyfTp8fSiOd7oNZuPgztDL5hypUoBmVSkBax4tHRr; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=UxzEfuM+cXlF6zLFeuICATtgV+PvVB3HKcLUfWjdoA/s0YKWtCUB25Ua9mYADJWK49ZqosBlG4OcsFXMdzGyyfTp8fSiOd7oNZuPgztDL5hypUoBmVSkBax4tHRr; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.widgetserver.com
access-control-max-age: 600
x-request-id: d4cdbfc0-1025-4c61-a8e7-5c6e11d466ae
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1017)
Size:   1018
Md5:    ec0cf440914c296162912fef2da1f1e6
Sha1:   543fdaad43aa39d934d40181ad5bd74582336c04
Sha256: d53d4be305302f6a2eb9834904a5c75666f4630616857a3fd1ee784b47862be9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=www6.widgetserver.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.widgetserver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 04 Oct 2022 10:32:54 GMT
server: cafe
cache-control: private
content-length: 186
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   186
Md5:    95df7ef6571f817a7a4ad294a73bbe20
Sha1:   f0cbca03e1a74491f0840994c0f1951dbd94f1f6
Sha256: 3c561a5b5447033b35343697c6cc0477fffb446f935be1d31d5cc58c67b1938f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 10:32:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 0
set-cookie: AWSALB=7NW1n0gBRxf+jMasM9pE3m8q0AuuYKTGo17KTX24SGJBbl91NkPGZzJhJ0Zg/Xu87RTgE3Q9s8HmdPKJ6VWlrSzZQdgQ5/qZd7w9YB6DnUwFmm3Yy3dvK2cEtaEW; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=7NW1n0gBRxf+jMasM9pE3m8q0AuuYKTGo17KTX24SGJBbl91NkPGZzJhJ0Zg/Xu87RTgE3Q9s8HmdPKJ6VWlrSzZQdgQ5/qZd7w9YB6DnUwFmm3Yy3dvK2cEtaEW; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 0
set-cookie: AWSALB=OuJOr2q6glTxq3gTwteJvIzAgVCjCPRyJ+O0LMJJqISV7HXz3jM7G6f1lp4u5aluPUljkPhu2a0lvDB9Ninjraws9LH3uToP4he10eG9Cn9KlVmA6GBqJngJRaCI; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=OuJOr2q6glTxq3gTwteJvIzAgVCjCPRyJ+O0LMJJqISV7HXz3jM7G6f1lp4u5aluPUljkPhu2a0lvDB9Ninjraws9LH3uToP4he10eG9Cn9KlVmA6GBqJngJRaCI; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3A4E3489CFBF36BBA2DAF46A9A7C9EF5A9B5A182A20991E54ED4D53BF7A6B7C"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14060
Expires: Tue, 04 Oct 2022 14:27:14 GMT
Date: Tue, 04 Oct 2022 10:32:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3A4E3489CFBF36BBA2DAF46A9A7C9EF5A9B5A182A20991E54ED4D53BF7A6B7C"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14060
Expires: Tue, 04 Oct 2022 14:27:14 GMT
Date: Tue, 04 Oct 2022 10:32:54 GMT
Connection: keep-alive

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 758
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 0
set-cookie: AWSALB=HghirM/yVFgzcLvgKX80theWJcHilJD33VRf0u4TS+cnJlAvcC4SaTa/wG9GYhs/LJoZ1jAnw1oWzjB1FnuoPgD8n7KH64DCB5xPzA9uM6fyxNXx5sjhFlooWSO3; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=HghirM/yVFgzcLvgKX80theWJcHilJD33VRf0u4TS+cnJlAvcC4SaTa/wG9GYhs/LJoZ1jAnw1oWzjB1FnuoPgD8n7KH64DCB5xPzA9uM6fyxNXx5sjhFlooWSO3; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 656
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 0
set-cookie: AWSALB=3sd1fAhRTEPraO32jFR+jF8p4pZHwuBAY7byJord0PObn6mdYXxnR+TyifKnVaXCw0yk3ZEZYi5mDvAgG/irLVzKNTltkC4PBKexwTIdRzyj/5vIBp6quGq9I43a; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=3sd1fAhRTEPraO32jFR+jF8p4pZHwuBAY7byJord0PObn6mdYXxnR+TyifKnVaXCw0yk3ZEZYi5mDvAgG/irLVzKNTltkC4PBKexwTIdRzyj/5vIBp6quGq9I43a; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 0
set-cookie: AWSALB=cCca3nDwHz5tfd2OGd4VLlYj+Jw1thamtnu/8B+zucyLMICp0QS7AssFunoCV2KX1nC0xnt2pSU2M/exwvbVZfAO3U7OBvGfZDfWPQ3O2uM6llUX86AJJ3QVbWt1; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=cCca3nDwHz5tfd2OGd4VLlYj+Jw1thamtnu/8B+zucyLMICp0QS7AssFunoCV2KX1nC0xnt2pSU2M/exwvbVZfAO3U7OBvGfZDfWPQ3O2uM6llUX86AJJ3QVbWt1; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty/1.13.6.1
Date: Tue, 04 Oct 2022 10:32:54 GMT
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.widgetserver.com
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 703
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:54 GMT
content-length: 0
set-cookie: AWSALB=1RxEf5oPhSvl+Sn7kwkF4DLtB3TzsXMKX6D+ufh8HSJ8PUAORMtBeXUVkgR+WB0plVn0D3vD5ZUU6Y7HNWzC4XmJffYhTNG6zHhhepMIcMOH5W1i/01DL7y/+hth; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=1RxEf5oPhSvl+Sn7kwkF4DLtB3TzsXMKX6D+ufh8HSJ8PUAORMtBeXUVkgR+WB0plVn0D3vD5ZUU6Y7HNWzC4XmJffYhTNG6zHhhepMIcMOH5W1i/01DL7y/+hth; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 143
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: openresty/1.13.6.1
Date: Tue, 04 Oct 2022 10:32:54 GMT
Content-Length: 31
Connection: close
Access-Control-Allow-Origin: http://www6.widgetserver.com
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   31
Md5:    766d13ee17243aa25b9e539c99ae6f35
Sha1:   05c6c546c4857d0bdf3714ac9a0794695ca2e9b5
Sha256: 9f7c21500f8bb1d1ad5dc605cf680767edcfd8913fd0634a495ee9a7604c4efd
                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Content-Type: application/json
Origin: http://www6.widgetserver.com
Content-Length: 652
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 10:32:55 GMT
content-length: 0
set-cookie: AWSALB=CTx5roj8tGcsjX784wnWRC9+j5Rkbq1WNxDBCl1ivcsL1a43q6/R3XeUP0aIt6whdQkWpXu3CzDIPoC8sWgkrK0QdMRZTwaChKEFbEETccTaTuEGkhhlmRsNYSGm; Expires=Tue, 11 Oct 2022 10:32:55 GMT; Path=/ AWSALBCORS=CTx5roj8tGcsjX784wnWRC9+j5Rkbq1WNxDBCl1ivcsL1a43q6/R3XeUP0aIt6whdQkWpXu3CzDIPoC8sWgkrK0QdMRZTwaChKEFbEETccTaTuEGkhhlmRsNYSGm; Expires=Tue, 11 Oct 2022 10:32:55 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 10:32:55 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 04 Oct 2022 01:53:57 GMT
Expires: Wed, 05 Oct 2022 01:53:57 GMT
ETag: "694564a36f67f4053074952c3f208fb1191fadbf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    af72a96208d37bcc94092947b466d265
Sha1:   694564a36f67f4053074952c3f208fb1191fadbf
Sha256: dd6c52f7f7d2ab0089f1a081090600c1aa1d8eac8cadd19f8857f03a953163c8
                                        
                                            GET /img/widgets/subscribe-yahoo.png HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://toosexyforwords.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.201
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 10:16:11 GMT
expires: Sat, 08 Oct 2022 10:16:11 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
age: 260200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /d/search/p/godaddy/xml/domain/multiset/v4/?url=widgetserver.com&Partner=nameadmin_park_dm_2903_afternic&maxListings=3&maxWeb=0&maxRT=6&maxRTL=6&maxPC=6&urlLang=en&affilData=ip%3D91.90.42.154%26xfip%3D91.90.42.154%26ua%3DMozilla%252F5.0%2520%2528X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0%2529%2520Gecko%252F20100101%2520Firefox%252F96.0%26ur%3Dhttp%253A%252F%252Fwww6.widgetserver.com%252F&serveUrl=http%3A%2F%2Fwidgetserver.com&seedTerm=Europe%20Dedicated%20Servers%20Norway%20Dedicated%20Servers%20Oslo%20County%20Dedicated%20Servers%20Oslo%20Dedicated%20Servers%20Custom%20Dedicated%20Servers HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.widgetserver.com/
Origin: http://www6.widgetserver.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.193.148.120
HTTP/2 200 OK
content-type: text/xml; charset=utf-8
                                        
date: Tue, 04 Oct 2022 10:32:55 GMT
set-cookie: AWSALB=94jLQIMRre44VI2x02HDCod7ICTCnhLJDmU7aRcqK5JfODDXQt/9PHMXAcu0KbIcGlblXTtEm1c6Ns82CxEfj5jZskOhINIZDOq6kfT1+DCc1JG7RzdtZ+HZlvkS; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/ AWSALBCORS=94jLQIMRre44VI2x02HDCod7ICTCnhLJDmU7aRcqK5JfODDXQt/9PHMXAcu0KbIcGlblXTtEm1c6Ns82CxEfj5jZskOhINIZDOq6kfT1+DCc1JG7RzdtZ+HZlvkS; Expires=Tue, 11 Oct 2022 10:32:54 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
x-request-id: c07232a2-5c0d-4d76-aa12-ea122e1b19e4
etag: W/"2312-L3bFpOoSC/+sF2ewRHx7AhQAlAA"
vary: Accept-Encoding
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
age: 1
strict-transport-security: max-age=15552000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---