urlscan.io logo urlscan.io
SecurityTrails logo

volatility-labs.blogspot.com Open in urlscan Pro
2a00:1450:4001:831::2001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Effective URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Submission: On May 27 via api from AZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 23 HTTP transactions. The main IP is 2a00:1450:4001:831::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is volatility-labs.blogspot.com.
TLS certificate: Issued by WE2 on May 12th 2025. Valid for: 3 months.
This is the only time volatility-labs.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
volatility-labs.blogspot.com
3    2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
3    2a00:1450:4001:80e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogblog.com
www.blogger.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.184.201 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f9.1e100.net
www.blogger.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
resources.blogblog.com
5    142.250.186.169 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f9.1e100.net
www.blogger.com
1    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
volatility-labs.blogspot.com
Apex Domain
Subdomains		 Transfer
11 blogger.com
www.blogger.com — Cisco Umbrella Rank: 4497
240 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 118
region1.google-analytics.com — Cisco Umbrella Rank: 1949
22 KB
3 blogspot.com
volatility-labs.blogspot.com
13 KB
2 blogblog.com
www.blogblog.com — Cisco Umbrella Rank: 57822
resources.blogblog.com — Cisco Umbrella Rank: 20961
2 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 236
82 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 100
117 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 151
67 B
23 7
Domain Requested by
11 www.blogger.com volatility-labs.blogspot.com
apis.google.com
www.blogger.com
3 volatility-labs.blogspot.com volatility-labs.blogspot.com
2 www.google-analytics.com volatility-labs.blogspot.com
www.google-analytics.com
2 apis.google.com volatility-labs.blogspot.com
apis.google.com
1 resources.blogblog.com www.blogger.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 www.blogblog.com volatility-labs.blogspot.com
1 pagead2.googlesyndication.com volatility-labs.blogspot.com
23 9
Subject Issuer Validity Valid
misc-sni.blogspot.com
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh
*.blogger.com
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh
*.apis.google.com
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh
*.google-analytics.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-05-12 -
2025-08-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Frame ID: F9E5D3E87F9019859BFCBEEFB63FDC11
Requests: 15 HTTP requests in this frame

Frame: https://www.blogger.com/navbar/7693961727488638788?origin=https://volatility-labs.blogspot.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.NBdv2BYQ-cU.O%2Fd%3D1%2Frs%3DAHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w%2Fm%3D__features__
Frame ID: 4A4EB6D76363BF85B00798B17AD909CE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[Archive of Volatility Labs]

Page URL History Show full URLs

  1. http://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html' HTTP 307
    https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html' Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

12
IPs

2
Countries

476 kB
Transfer

1354 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html' HTTP 307
    https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html' Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request unpacking-dexter-pos-memory-dump.html'
volatility-labs.blogspot.com/2012/12/
Redirect Chain
  • http://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
  • https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
45 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76dc4c8609d19da8060a324662ef70593032e1eafb9e3b739f8f9b4ea6a46256
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
9781
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
date
Tue, 27 May 2025 10:57:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Non-Authoritative-Reason
HttpsUpgrades
3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
gzip
age
5750
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:21:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:21:40 GMT
last-modified
Tue, 27 May 2025 06:50:46 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
7756
x-xss-protection
0
server
sffe
platform.js
apis.google.com/js/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
741e66a3ca32fd3bf2644442faf4b5402d93bbfe0b197c671a55f4aa352af5be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
gzip
etag
"5e931970df3253c9"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Tue, 27 May 2025 10:57:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 10:57:30 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24163
x-xss-protection
0
server
sffe
cookienotice.js
volatility-labs.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://volatility-labs.blogspot.com/js/cookienotice.js
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'

Response headers

content-encoding
gzip
age
7490
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 03 Jun 2025 08:52:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 08:52:40 GMT
last-modified
Tue, 27 May 2025 06:50:46 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2026
x-xss-protection
0
server
sffe
3443796911-widgets.js
www.blogger.com/static/v1/widgets/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3443796911-widgets.js
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c249da8ae0192201ec9deaec5ba4e711e589179ae9c2da3f8f82184949f560ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
gzip
age
5501
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:25:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:25:49 GMT
last-modified
Mon, 26 May 2025 21:48:56 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
51946
x-xss-protection
0
server
sffe
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
gzip
age
5270
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 27 May 2025 11:29:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:29:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20994
server
Golfe2
authorization.css
www.blogger.com/dyn-css/ 		1 B
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7693961727488638788&zx=67b7be53-d5a4-404e-8f82-9134a173d9e3
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-length
21
date
Tue, 27 May 2025 10:57:30 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=UTF-8
last-modified
Tue, 27 May 2025 10:57:30 GMT
server
GSE
x-frame-options
SAMEORIGIN
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.NBdv2BYQ-cU.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w/ 		175 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.NBdv2BYQ-cU.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a8abadad0c010b2af2c4c876410d97c95ca8a6e720e8431cb119f7d28a4ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
gzip
age
401472
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options
nosniff
expires
Fri, 22 May 2026 19:26:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 22 May 2025 19:26:18 GMT
last-modified
Mon, 28 Apr 2025 17:31:11 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges
bytes
access-control-allow-origin
*
content-length
58901
x-xss-protection
0
server
sffe
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
br
etag
13036835877489095579
age
49112
x-content-type-options
nosniff
expires
Mon, 09 Jun 2025 21:18:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 26 May 2025 21:18:58 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
tabs_gradient_light.png
www.blogblog.com/1kt/awesomeinc/ 		182 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogblog.com/1kt/awesomeinc/tabs_gradient_light.png
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

cache-control
public, max-age=604800
age
4937
cross-origin-resource-policy
cross-origin
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 03 Jun 2025 09:35:13 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
182
x-xss-protection
0
date
Tue, 27 May 2025 09:35:13 GMT
last-modified
Tue, 27 May 2025 08:56:08 GMT
content-type
image/png
server
sffe
7693961727488638788
www.blogger.com/navbar/ Frame 4A4E 		28 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar/7693961727488638788?origin=https://volatility-labs.blogspot.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.NBdv2BYQ-cU.O%2Fd%3D1%2Frs%3DAHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.NBdv2BYQ-cU.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ffeafb0daf50039973d66494dc831481b8fb1f9e4640273857eb7207145cf343
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://volatility-labs.blogspot.com require-trusted-types-for 'script';report-uri /_/BloggerNavbarUi/cspreport script-src 'report-sample' 'nonce-g0hmATPACRSITCx3FC1FcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerNavbarUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /_/BloggerNavbarUi/cspreport/allowlist
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://volatility-labs.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors https://volatility-labs.blogspot.com require-trusted-types-for 'script';report-uri /_/BloggerNavbarUi/cspreport script-src 'report-sample' 'nonce-g0hmATPACRSITCx3FC1FcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerNavbarUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /_/BloggerNavbarUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 27 May 2025 10:57:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/BloggerNavbarUi/web-reports?context=eJzjCtDikmLw05BiqHXfyVR6ZSeT06ubTDK9t5geT7nF1HrzHOtUIDZUuMTqCMQSIldYiySusDYB8aeqG6xC1TdYk9hvshYB8ZqNt1i3ALEQD8esrdcOsgncWPvxP6OSUlJ-YXxSTn56empRaWZxalFZalG8kYGRqYGpkZmegUF8gQEAIhwybw"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=29244820&t=pageview&_s=1&dl=https%3A%2F%2Fvolatility-labs.blogspot.com%2F2012%2F12%2Funpacking-dexter-pos-memory-dump.html%27&ul=de-de&de=UTF-8&dt=%5BArchive%20of%20Volatility%20Labs%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1738348019&gjid=498809847&cid=1569980355.1748343450&tid=UA-6968853-8&_gid=365746565.1748343450&_r=1&_slc=1&z=1180625868
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbdb249fa4e2f6a7adfb4f83248652a172daea9caf68e9290a2e898d98e3287
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://volatility-labs.blogspot.com/

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 10:57:30 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://volatility-labs.blogspot.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		329 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PPY54KV1N2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f182283fae0b416409a1a22b19efaca5ba6253140b5a8d82edef712a87864b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
expires
Tue, 27 May 2025 10:57:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 10:57:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1075:0
content-length
118799
x-xss-protection
0
server
Google Tag Manager
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7693961727488638788&zx=67b7be53-d5a4-404e-8f82-9134a173d9e3
Requested by
Host: volatility-labs.blogspot.com
URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f9.1e100.net
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-length
21
date
Tue, 27 May 2025 10:57:30 GMT
x-xss-protection
1; mode=block
content-type
text/css; charset=UTF-8
last-modified
Tue, 27 May 2025 10:57:30 GMT
server
GSE
x-frame-options
SAMEORIGIN
m=_b,_tp
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/ Frame 4A4E 		192 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/m=_b,_tp
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar/7693961727488638788?origin=https://volatility-labs.blogspot.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.NBdv2BYQ-cU.O%2Fd%3D1%2Frs%3DAHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24042402d481f10a0c2fa41df0e697daa53ecf0ae468f8cb5a8188a8babf50cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

content-encoding
gzip
age
5985
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:17:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:17:45 GMT
last-modified
Sat, 24 May 2025 05:06:24 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
accept-ranges
bytes
content-length
69176
x-xss-protection
0
server
sffe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PPY54KV1N2&gtm=45je55l1v9111089971za200&_p=1748343450503&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101509157~103116026~103130495~103130497~103200004~103233427~103252644~103252646~104481633~104481635&ul=de-de&sr=1600x1200&cid=1569980355.1748343450&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fvolatility-labs.blogspot.com%2F2012%2F12%2Funpacking-dexter-pos-memory-dump.html%27&dt=%5BArchive%20of%20Volatility%20Labs%5D&sid=1748343450&sct=1&seg=0&_tu=wAQ&en=page_view&_fv=1&_ss=1&_ee=1&tfd=557
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY54KV1N2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:99:0
report-to
{"group":"ascnsrsggc:99:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:99:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://volatility-labs.blogspot.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:99:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 10:57:30 GMT
content-type
text/plain
server
Golfe2
icons_peach.png
resources.blogblog.com/img/navbar/ Frame 4A4E 		907 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/navbar/icons_peach.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar/7693961727488638788?origin=https://volatility-labs.blogspot.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.NBdv2BYQ-cU.O%2Fd%3D1%2Frs%3DAHpOoo-NbxHnmQmAUnZkdwr5RsRbg2LF-w%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

cache-control
public, max-age=604800
age
11218
cross-origin-resource-policy
cross-origin
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 03 Jun 2025 07:50:32 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
907
x-xss-protection
0
date
Tue, 27 May 2025 07:50:32 GMT
last-modified
Mon, 26 May 2025 09:50:07 GMT
content-type
image/png
server
sffe
m=ws9Tlc,n73qwf,aW3pY,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,ZDZcre,OTA3Ae,ZwDk9d,RyvaUb,WO9ee,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,V3dDOb,XVMNvd,KUM7Z,qTnoBf,lwddkf,gychg,w9hDv,RMhBfe...
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=_b,_tp/excm=_b,_tp,navbarview/ed=1/wt=... Frame 4A4E 		238 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=_b,_tp/excm=_b,_tp,navbarview/ed=1/wt=2/ujg=1/rs=AEy-KP2cJ5blDQ7Es-m2pgNc68exI-_wXg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,aW3pY,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,ZDZcre,OTA3Ae,ZwDk9d,RyvaUb,WO9ee,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,V3dDOb,XVMNvd,KUM7Z,qTnoBf,lwddkf,gychg,w9hDv,RMhBfe,SdcwHb,pw70Gc,EFQ78c,Ulmmrd,A7fCU,xQtZb,JNoxi,BVgquf,QIhFr,hc6Ubd,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c,zr1jrb,Uas9Hd,pjICDe
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f9.1e100.net
Software
sffe /
Resource Hash
071eb13defb5af5f580024e5db7be926eb1f7f13467b8a81ea76cffe726a25ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

content-encoding
gzip
age
4871
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:36:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:36:19 GMT
last-modified
Sat, 24 May 2025 01:05:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
accept-ranges
bytes
content-length
85601
x-xss-protection
0
server
sffe
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,GkRiKb,IZT63... Frame 4A4E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,PrPYRd,QIhFr,RMhBfe,RyvaUb,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,e5qFLc,gychg,hc6Ubd,lsjVmc,lwddkf,n73qwf,pjICDe,pw70Gc,qTnoBf,w9hDv,ws9Tlc,xQtZb,xUdipf,zbML3c,zr1jrb/excm=_b,_tp,navbarview/ed=1/wt=2/ujg=1/rs=AEy-KP2cJ5blDQ7Es-m2pgNc68exI-_wXg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f9.1e100.net
Software
sffe /
Resource Hash
ab4823adcdc6812a012b02082a8257c5e44aa382abb315617d47af041e79020c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

content-encoding
gzip
age
5871
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:19:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:19:39 GMT
last-modified
Sat, 24 May 2025 01:05:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
accept-ranges
bytes
content-length
2298
x-xss-protection
0
server
sffe
m=hkrsAe
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,FCpbqb,GkRiK... Frame 4A4E 		627 B
408 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KUM7Z,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,PrPYRd,QIhFr,RMhBfe,RyvaUb,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,e5qFLc,gychg,hc6Ubd,hhhU8,lsjVmc,lwddkf,n73qwf,pjICDe,pw70Gc,qTnoBf,w9hDv,ws9Tlc,xQtZb,xUdipf,zbML3c,zr1jrb/excm=_b,_tp,navbarview/ed=1/wt=2/ujg=1/rs=AEy-KP2cJ5blDQ7Es-m2pgNc68exI-_wXg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=hkrsAe
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f9.1e100.net
Software
sffe /
Resource Hash
e08864d383cfa43a779c124f3ef011ebe6d424eb954e86ab63dc0fcaa0542509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

content-encoding
gzip
age
4599
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:40:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:40:51 GMT
last-modified
Sat, 24 May 2025 01:05:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
accept-ranges
bytes
content-length
382
x-xss-protection
0
server
sffe
favicon.ico
volatility-labs.blogspot.com/ 		1 KB
719 B 		Other
General
Check archive.org
Download Go to
Full URL
https://volatility-labs.blogspot.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
GSE /
Resource Hash
70188aa2bfc611f555916f046c16f87616812af8a3de21eb771401646a4d451d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'

Response headers

cache-control
private, max-age=86400
content-encoding
gzip
etag
W/"91477deea2d4b774914b8aea99fba39eada2af7d58e41096adf001bd4911f39d"
x-content-type-options
nosniff
expires
Tue, 27 May 2025 10:57:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
699
date
Tue, 27 May 2025 10:57:30 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Thu, 22 May 2025 13:20:02 GMT
server
GSE
m=p3hmRc,LvGhrf,RqjULd
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,FCpbqb,GkRiK... Frame 4A4E 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KUM7Z,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,PrPYRd,QIhFr,RMhBfe,RyvaUb,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,e5qFLc,gychg,hc6Ubd,hhhU8,hkrsAe,lsjVmc,lwddkf,n73qwf,pjICDe,pw70Gc,qTnoBf,w9hDv,ws9Tlc,xQtZb,xUdipf,zbML3c,zr1jrb/excm=_b,_tp,navbarview/ed=1/wt=2/ujg=1/rs=AEy-KP2cJ5blDQ7Es-m2pgNc68exI-_wXg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=p3hmRc,LvGhrf,RqjULd
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f9.1e100.net
Software
sffe /
Resource Hash
0939473222782f5b85fa5c9ee58dc310dd6d1357ad594f02ed86dbbe2429d357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

content-encoding
gzip
age
5826
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:20:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:20:24 GMT
last-modified
Sat, 24 May 2025 01:05:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
accept-ranges
bytes
content-length
14268
x-xss-protection
0
server
sffe
m=P6sQOc
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,FCpbqb,GkRiK... Frame 4A4E 		1 KB
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/ck=boq-blogger.BloggerNavbarUi.ftl7c4YOUqQ.L.B1.O/am=AAADtgAg/d=1/exm=A7fCU,BBI74,BVgquf,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KUM7Z,LEikZe,LvGhrf,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,PrPYRd,QIhFr,RMhBfe,RqjULd,RyvaUb,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZDZcre,ZwDk9d,_b,_tp,aW3pY,byfTOb,e5qFLc,gychg,hc6Ubd,hhhU8,hkrsAe,lsjVmc,lwddkf,n73qwf,p3hmRc,pjICDe,pw70Gc,qTnoBf,w9hDv,ws9Tlc,xQtZb,xUdipf,zbML3c,zr1jrb/excm=_b,_tp,navbarview/ed=1/wt=2/ujg=1/rs=AEy-KP2cJ5blDQ7Es-m2pgNc68exI-_wXg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NJ1rfe:qTnoBf;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:QIhFr;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:nMC03e;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerNavbarUi.de.CC4Xk8wDD9s.es5.O/am=AAADtgAg/d=1/excm=_b,_tp,navbarview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3ERB5s-M7NDs0nJg6anF7nX_cNzQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f9.1e100.net
Software
sffe /
Resource Hash
e67338b7316d6985b233828e6c7ae5cb80b8dd6f6fd3191e4f6be1c0c8d3a9c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer
https://www.blogger.com/

Response headers

content-encoding
gzip
age
5921
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 09:18:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 09:18:49 GMT
last-modified
Sat, 24 May 2025 01:05:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
accept-ranges
bytes
content-length
687
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

65 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 string| GoogleAnalyticsObject function| ga object| adsbygoogle function| setAttributeOnload object| gapi object| ___jsl function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| _F_toggles object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow boolean| google_empty_script_included object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

4 Cookies

Domain/Path Name / Value
.volatility-labs.blogspot.com/ Name: _ga
Value: GA1.3.1569980355.1748343450
.volatility-labs.blogspot.com/ Name: _gid
Value: GA1.3.365746565.1748343450
.volatility-labs.blogspot.com/ Name: _gat_blogger
Value: 1
.volatility-labs.blogspot.com/ Name: _ga_PPY54KV1N2
Value: GS2.3.s1748343450$o1$g0$t1748343450$j0$l0$h0

1 Console Messages

Source Level URL
Text
network error URL: https://volatility-labs.blogspot.com/2012/12/unpacking-dexter-pos-memory-dump.html'
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
resources.blogblog.com
volatility-labs.blogspot.com
www.blogblog.com
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
142.250.181.225
142.250.184.201
142.250.185.130
142.250.186.169
2001:4860:4802:34::36
2001:4860:4802:36::178
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2009
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2009
2a00:1450:4001:830::2009
2a00:1450:4001:831::2001
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
071eb13defb5af5f580024e5db7be926eb1f7f13467b8a81ea76cffe726a25ed
0939473222782f5b85fa5c9ee58dc310dd6d1357ad594f02ed86dbbe2429d357
1fbdb249fa4e2f6a7adfb4f83248652a172daea9caf68e9290a2e898d98e3287
24042402d481f10a0c2fa41df0e697daa53ecf0ae468f8cb5a8188a8babf50cd
34a8abadad0c010b2af2c4c876410d97c95ca8a6e720e8431cb119f7d28a4ce3
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
70188aa2bfc611f555916f046c16f87616812af8a3de21eb771401646a4d451d
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
741e66a3ca32fd3bf2644442faf4b5402d93bbfe0b197c671a55f4aa352af5be
76dc4c8609d19da8060a324662ef70593032e1eafb9e3b739f8f9b4ea6a46256
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
ab4823adcdc6812a012b02082a8257c5e44aa382abb315617d47af041e79020c
c249da8ae0192201ec9deaec5ba4e711e589179ae9c2da3f8f82184949f560ff
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08864d383cfa43a779c124f3ef011ebe6d424eb954e86ab63dc0fcaa0542509
e67338b7316d6985b233828e6c7ae5cb80b8dd6f6fd3191e4f6be1c0c8d3a9c7
f182283fae0b416409a1a22b19efaca5ba6253140b5a8d82edef712a87864b92
ffeafb0daf50039973d66494dc831481b8fb1f9e4640273857eb7207145cf343