| mastqalandernews.blogspot.com/ | 216.58.207.225 | 200 OK | 28 kB |
URL User Request GET HTTP/2mastqalandernews.blogspot.com/ IP216.58.207.225:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintA4:03:49:6F:80:6E:27:69:C4:CF:7F:94:FC:BC:3C:1F:D5:28:AE:B5 ValidityMon, 04 Mar 2024 06:55:13 GMT - Mon, 27 May 2024 06:55:12 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (5475) Hashe2720fd4c26a6fd452ba8b32a4aa5ddb 518846e8e5eadc684e564a642dce087063f70022 a89a50dd1615262b8074d27061fc178caca963e2d0cc0f0d090882d76510780d
GET / HTTP/1.1
Host: mastqalandernews.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 18 Apr 2024 10:46:33 GMT
date: Thu, 18 Apr 2024 10:46:33 GMT
cache-control: private, max-age=0
last-modified: Thu, 18 Apr 2024 10:27:54 GMT
etag: W/"209dbee3a4e6bfd945cc620490e2e0ce1a4db49d3188279b7d43d4fa5abe77bb"
x-robots-tag: noindex,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28207
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mastqalandernews.blogspot.com/js/cookienotice.js | 216.58.207.225 | 200 OK | 2.0 kB |
URL GET HTTP/3mastqalandernews.blogspot.com/js/cookienotice.js IP216.58.207.225:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintA4:03:49:6F:80:6E:27:69:C4:CF:7F:94:FC:BC:3C:1F:D5:28:AE:B5 ValidityMon, 04 Mar 2024 06:55:13 GMT - Mon, 27 May 2024 06:55:12 GMT
File typeJavaScript source, ASCII text Hasha705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: mastqalandernews.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 11:26:24 GMT
expires: Wed, 24 Apr 2024 11:26:24 GMT
cache-control: public, max-age=604800
last-modified: Wed, 17 Apr 2024 09:59:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 84009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| mastqalandernews.blogspot.com/responsive/sprite_v1_6.css.svg | 216.58.207.225 | 200 OK | 2.2 kB |
URL GET HTTP/3mastqalandernews.blogspot.com/responsive/sprite_v1_6.css.svg IP216.58.207.225:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintA4:03:49:6F:80:6E:27:69:C4:CF:7F:94:FC:BC:3C:1F:D5:28:AE:B5 ValidityMon, 04 Mar 2024 06:55:13 GMT - Mon, 27 May 2024 06:55:12 GMT
File typeSVG Scalable Vector Graphics image Hashd4dcfc8144f556815c7a1d84ed4e959e 22088bd6cdf970dcf7bfab9a74a4768548ca8890 73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: mastqalandernews.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 11:26:24 GMT
expires: Wed, 24 Apr 2024 11:26:24 GMT
cache-control: public, max-age=604800
last-modified: Wed, 17 Apr 2024 09:59:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 84009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 29372
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js | 142.250.74.35 | 200 OK | 3.5 kB |
URL GET HTTP/2www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js IP142.250.74.35:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (10473) Hash158013acb7e269a3dbe18de855656c97 08fa355584fc849539b3f04589ae6f61eb4a7d98 92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 10:46:34 GMT
expires: Thu, 18 Apr 2024 10:46:34 GMT
cache-control: public, max-age=0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| resources.blogblog.com/blogblog/data/res/3565202934-indie_compiled.js | 216.58.207.233 | 200 OK | 47 kB |
URL GET HTTP/2resources.blogblog.com/blogblog/data/res/3565202934-indie_compiled.js IP216.58.207.233:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typeJavaScript source, ASCII text, with very long lines (2179) Hash9be5ac80ae96362ed40d76f4f8954994 a4b96ee155482296c747b486eeae18b91139ba6d 37ecaf7a695ecc6e2494f737eac939de9878bb9aa52fa8a938b540af2d1b4c93
GET /blogblog/data/res/3565202934-indie_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 47404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 02:25:15 GMT
expires: Mon, 22 Apr 2024 02:25:15 GMT
cache-control: public, max-age=604800
last-modified: Mon, 15 Apr 2024 01:51:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 289279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 | 142.250.74.97 | 200 OK | 228 kB |
URL GET HTTP/2themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, description=Sunset afterglow and twlight dunes in White Sands National Monument, software=Picasa], baseline, precision 8, 1600x1067, components 3 Size228 kB (228521 bytes) Hashe66ef1f4c654be20558150214aa2b85a ad1dfbefad9a21e48aeeac1bae9f8a5b8ea1ef3c 6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
GET /image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 228521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/static/v1/widgets/517362887-widgets.js | 216.58.207.233 | 200 OK | 52 kB |
URL GET HTTP/2www.blogger.com/static/v1/widgets/517362887-widgets.js IP216.58.207.233:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typeJavaScript source, ASCII text, with very long lines (1941) Hash86de7fcdc04a3785d1993eb37f6195b1 4a5e86cb75b2293474687d0df446be05f82834d5 94b59a1adfdfdf56b53562950e3e27938b87028f31544b2ba65d71be73c83e6c
GET /static/v1/widgets/517362887-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51586
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 02:15:44 GMT
expires: Tue, 15 Apr 2025 02:15:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 01:51:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 289850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.topcreativeformat.com/dc312870bf7b4d224db9df239a1120bb/invoke.js | 192.243.61.225 | 200 OK | 12 kB |
URL GET HTTP/1.1www.topcreativeformat.com/dc312870bf7b4d224db9df239a1120bb/invoke.js IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjecttopcreativeformat.com Fingerprint6D:98:D9:61:FC:CF:D9:8C:FE:5E:1C:15:5A:A5:F2:28:38:04:A4:A4 ValidityWed, 20 Mar 2024 07:51:41 GMT - Tue, 18 Jun 2024 07:51:40 GMT
File typeJavaScript source, ASCII text, with very long lines (31305), with no line terminators Hash44967d820e2bde508ae7d00cfa2a81c8 ac1c247249e010b9d787b1b2544c5ebf9da79a49 2c11f8a0892d33b76d8c6d8eef843231aff45941be586c08c2da1b37583bbe80
GET /dc312870bf7b4d224db9df239a1120bb/invoke.js HTTP/1.1
Host: www.topcreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94e95590859c67f916e2b552c80270ab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.163:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 172802
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwR01bC0DdFB3kNbS9ORHB3bSf4DuWgz4aDSDdrXZWEeZvrvEufISFj0uX4vzej827-TBxsAFmKoo6j-5_pFivycXV2pNDcJv12JwFTgd4P75ypwEH-QB1yLMii0c29KIHb7dTZ-C1VX9RS3ATKm3K8Ep7zXzopap20JHqXUpK-FxwsTrRRPV0G2f4Aqc/w128-h128-p-k-no-nu/01.jpg | 142.250.74.97 | 200 OK | 5.2 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhwR01bC0DdFB3kNbS9ORHB3bSf4DuWgz4aDSDdrXZWEeZvrvEufISFj0uX4vzej827-TBxsAFmKoo6j-5_pFivycXV2pNDcJv12JwFTgd4P75ypwEH-QB1yLMii0c29KIHb7dTZ-C1VX9RS3ATKm3K8Ep7zXzopap20JHqXUpK-FxwsTrRRPV0G2f4Aqc/w128-h128-p-k-no-nu/01.jpg IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 128x128, components 3 Hash2af1835c16679f9fb60f5936ad7cf499 97fc146d04c76cb995829ca6a127db7e2c2d0273 29d045f5258599062427a59adbb1700274285dc96ea9c5ef7d4e3581e079896c
GET /img/b/R29vZ2xl/AVvXsEhwR01bC0DdFB3kNbS9ORHB3bSf4DuWgz4aDSDdrXZWEeZvrvEufISFj0uX4vzej827-TBxsAFmKoo6j-5_pFivycXV2pNDcJv12JwFTgd4P75ypwEH-QB1yLMii0c29KIHb7dTZ-C1VX9RS3ATKm3K8Ep7zXzopap20JHqXUpK-FxwsTrRRPV0G2f4Aqc/w128-h128-p-k-no-nu/01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "va1"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 5249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.196.110.226 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP18.196.110.226:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hasha3a7c5337b3e7d8cdcf0a0cdcb7568dc 92a7890dd498233c07e32160c39856d79aa59482 dcd166d65d49f1d2e2a18dfa2d0cf3afa3341539b7369d3d7dd3a0a78f18bbaa
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mastqalandernews.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; expires=Sun, 16 Apr 2034 10:46:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZJDP0dp_VNZL-eW4kVvJ72Xenan6EbjW7ZVTMJeTvi8udHpyUHu4Z3dDhkjLYdC-JQ6oAIYh5Jmbdlfh5TPJOM8bk1WjZHOFolBMXRQ2zp8nF5vuZI6lcReHHxzIbpO9H8HHMMv6I8lqOdycBSpg28fdWNlhD4oR3JqSyB19z_xDbNC0AWRxSLCHwF2g/w128-h128-p-k-no-nu/01.jpg | 142.250.74.97 | 200 OK | 6.2 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZJDP0dp_VNZL-eW4kVvJ72Xenan6EbjW7ZVTMJeTvi8udHpyUHu4Z3dDhkjLYdC-JQ6oAIYh5Jmbdlfh5TPJOM8bk1WjZHOFolBMXRQ2zp8nF5vuZI6lcReHHxzIbpO9H8HHMMv6I8lqOdycBSpg28fdWNlhD4oR3JqSyB19z_xDbNC0AWRxSLCHwF2g/w128-h128-p-k-no-nu/01.jpg IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 128x128, components 3 Hashd847211d142376c7b27cd3192eac7c80 fbb75eb1dcd9e1f906139f5bb76dbefd9831f6a3 0ebe311b1e6f8e2ff9b29846f92594f389aef68c05fc7f0929f2e5291e1c3541
GET /img/b/R29vZ2xl/AVvXsEiZJDP0dp_VNZL-eW4kVvJ72Xenan6EbjW7ZVTMJeTvi8udHpyUHu4Z3dDhkjLYdC-JQ6oAIYh5Jmbdlfh5TPJOM8bk1WjZHOFolBMXRQ2zp8nF5vuZI6lcReHHxzIbpO9H8HHMMv6I8lqOdycBSpg28fdWNlhD4oR3JqSyB19z_xDbNC0AWRxSLCHwF2g/w128-h128-p-k-no-nu/01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v99"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 6171
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog | 216.58.207.233 | 302 Found | 306 B |
URL GET HTTP/2www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog IP216.58.207.233:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typeHTML document, ASCII text, with very long lines (356) Hashf6b2849de84fa7073c6e232019dca13b 3e0e09d4a253b31a8760a643593b09dbe7dd305b c4f394687ce8607152f8ac715411db5503ccc394b78c03e35cb512b4cab1e978
GET /blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 18 Apr 2024 10:46:34 GMT
expires: Thu, 18 Apr 2024 10:46:34 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 306
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXTUlGg0GzSQdd04A-DIKwA4WyrEcYRVmoy42nojMHR4C6qgYZiRA8xVZwOGRIto5V8VDk743zNobSWW6aAwr7pjNUuO5eFbfvcqNvZSgdXTKyJxcoS5iij9xC7ZLaVFIg-z9iCZiJQqiL0Wpq91FDaBF4iQ9FdZubb8a3ABA1AJfVMxV_CgKNgYIw3JY/w128-h128-p-k-no-nu/01.jpg | 142.250.74.97 | 200 OK | 14 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXTUlGg0GzSQdd04A-DIKwA4WyrEcYRVmoy42nojMHR4C6qgYZiRA8xVZwOGRIto5V8VDk743zNobSWW6aAwr7pjNUuO5eFbfvcqNvZSgdXTKyJxcoS5iij9xC7ZLaVFIg-z9iCZiJQqiL0Wpq91FDaBF4iQ9FdZubb8a3ABA1AJfVMxV_CgKNgYIw3JY/w128-h128-p-k-no-nu/01.jpg IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 128x128, components 3 Hash8ef72a5e294da4d9bfc24bd3197e1771 f4c11838d413d27a1f0fb3d8ddecf67c8e751f8d 1d69a93ab9e479b7f4085243b98285d25a0faf1c51410cb855811bfb93500159
GET /img/b/R29vZ2xl/AVvXsEiXTUlGg0GzSQdd04A-DIKwA4WyrEcYRVmoy42nojMHR4C6qgYZiRA8xVZwOGRIto5V8VDk743zNobSWW6aAwr7pjNUuO5eFbfvcqNvZSgdXTKyJxcoS5iij9xC7ZLaVFIg-z9iCZiJQqiL0Wpq91FDaBF4iQ9FdZubb8a3ABA1AJfVMxV_CgKNgYIw3JY/w128-h128-p-k-no-nu/01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v9b"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 13837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkisGVgCw24MGPGby0VadqTtTViYhAt0-CtKEGYmEMpgf330Nnvp-cA5BKDLBPovOTTHaEs7bN2NcpNhK8N9lUI5PS7VuyoI1DBI7Ygz0JuKoZWCuQklvzrH08l1LUobClczKUXG6DToNeHMql9S2n1RJklJfGcN-nfJEACfcbI5e9FN7O2yqTfC-Ap28/w128-h128-p-k-no-nu/01.jpg | 142.250.74.97 | 200 OK | 7.2 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkisGVgCw24MGPGby0VadqTtTViYhAt0-CtKEGYmEMpgf330Nnvp-cA5BKDLBPovOTTHaEs7bN2NcpNhK8N9lUI5PS7VuyoI1DBI7Ygz0JuKoZWCuQklvzrH08l1LUobClczKUXG6DToNeHMql9S2n1RJklJfGcN-nfJEACfcbI5e9FN7O2yqTfC-Ap28/w128-h128-p-k-no-nu/01.jpg IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 128x128, components 3 Hash0aa92029cbe5ff1329fcbccf4c7d6be6 ba7e1907bf055c99c15740be7e430bd7ce04b8f4 8cb68d4894911fc6c4c4ec5a014828fba9c9646f5533dd428e8446e3ac6337ce
GET /img/b/R29vZ2xl/AVvXsEjkisGVgCw24MGPGby0VadqTtTViYhAt0-CtKEGYmEMpgf330Nnvp-cA5BKDLBPovOTTHaEs7bN2NcpNhK8N9lUI5PS7VuyoI1DBI7Ygz0JuKoZWCuQklvzrH08l1LUobClczKUXG6DToNeHMql9S2n1RJklJfGcN-nfJEACfcbI5e9FN7O2yqTfC-Ap28/w128-h128-p-k-no-nu/01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v9d"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 7228
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfMWZotpUvpscgJy1PnsE76r2Ym7xstY-v27L36dcgymJAPfcqG71dvMVmhRMnHzGSEWVTtJr8XCPp2GY7V_ojiGpEXvXqdSXIw2nPeq1vaFNyeJNaxFTtyL_8mjgz4M3tkYWNCmtsLfFrw-0aLQ1luScVSTJVtyX8EyOlSy1i0iQgRqcP_yF3R_hBoPk/w128-h128-p-k-no-nu/01.jpg | 142.250.74.97 | 200 OK | 6.0 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfMWZotpUvpscgJy1PnsE76r2Ym7xstY-v27L36dcgymJAPfcqG71dvMVmhRMnHzGSEWVTtJr8XCPp2GY7V_ojiGpEXvXqdSXIw2nPeq1vaFNyeJNaxFTtyL_8mjgz4M3tkYWNCmtsLfFrw-0aLQ1luScVSTJVtyX8EyOlSy1i0iQgRqcP_yF3R_hBoPk/w128-h128-p-k-no-nu/01.jpg IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 128x128, components 3 Hash5c17dcfa482a34d6da9d0a45a8c045db 12a711e61a00f87798ee4b6196738cd7d400a402 0389ecdd9cb67a7437c1c968fb5452d3c505f8388e69e682026eeed80d190c1f
GET /img/b/R29vZ2xl/AVvXsEgfMWZotpUvpscgJy1PnsE76r2Ym7xstY-v27L36dcgymJAPfcqG71dvMVmhRMnHzGSEWVTtJr8XCPp2GY7V_ojiGpEXvXqdSXIw2nPeq1vaFNyeJNaxFTtyL_8mjgz4M3tkYWNCmtsLfFrw-0aLQ1luScVSTJVtyX8EyOlSy1i0iQgRqcP_yF3R_hBoPk/w128-h128-p-k-no-nu/01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "va3"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 6041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsyxUDb3TDpjNv5Mr2wWbBkj9X2Kcl55eYew5qkN1xsh18DrI8G7j13a2cigFFy1UE0u8MQiIP82QoB8xuuoud2tcpM7HRJf9-B4gA_ezOCyEv-Eh-k9SYlEjovIWfTCzeDilyuG8FHQ7yEH4iOBcRk96TCd2KhIys7E40pU26-k5O2dv7XqCAoFFPTlo/w945-h600-p-k-no-nu/01.jpg | 142.250.74.97 | 200 OK | 18 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsyxUDb3TDpjNv5Mr2wWbBkj9X2Kcl55eYew5qkN1xsh18DrI8G7j13a2cigFFy1UE0u8MQiIP82QoB8xuuoud2tcpM7HRJf9-B4gA_ezOCyEv-Eh-k9SYlEjovIWfTCzeDilyuG8FHQ7yEH4iOBcRk96TCd2KhIys7E40pU26-k5O2dv7XqCAoFFPTlo/w945-h600-p-k-no-nu/01.jpg IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x400, components 3 Hashec9045420a3fdb84bf149c26b25bc161 4fa73973ec755a465396649bceb2b85c9cb35645 e5dc2201be572ceafac0d7bc507bbf032e58bb58add7958b1796313b2b7bea0b
GET /img/b/R29vZ2xl/AVvXsEjsyxUDb3TDpjNv5Mr2wWbBkj9X2Kcl55eYew5qkN1xsh18DrI8G7j13a2cigFFy1UE0u8MQiIP82QoB8xuuoud2tcpM7HRJf9-B4gA_ezOCyEv-Eh-k9SYlEjovIWfTCzeDilyuG8FHQ7yEH4iOBcRk96TCd2KhIys7E40pU26-k5O2dv7XqCAoFFPTlo/w945-h600-p-k-no-nu/01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "va5"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 17544
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhVWpB3JWuYovDEwDz8Jrx_VZbbi8YJ8999M0pIoW1AIzqkSee3goReXQoEPQdMbOPmxGuwdYJj-V2F_Whx5QvI2nIxM2WTWRpYGloVKT_t7X9sC85WU7CBcCX_tsGv1Vto_NoLgCraP7EfzLs-RaSW-e1fMAiByTI1HutJHRHEoGJhzI1KkcP99Q1neA/w128-h128-p-k-no-nu/01.png | 142.250.74.97 | 200 OK | 4.5 kB |
URL GET HTTP/2blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhVWpB3JWuYovDEwDz8Jrx_VZbbi8YJ8999M0pIoW1AIzqkSee3goReXQoEPQdMbOPmxGuwdYJj-V2F_Whx5QvI2nIxM2WTWRpYGloVKT_t7X9sC85WU7CBcCX_tsGv1Vto_NoLgCraP7EfzLs-RaSW-e1fMAiByTI1HutJHRHEoGJhzI1KkcP99Q1neA/w128-h128-p-k-no-nu/01.png IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typePNG image data, 128 x 128, 8-bit colormap, non-interlaced Hashf79ad3f8db42a5efca185fb815dc12c2 89002b8ced4e138e01ecb2cade31c557db0b9b50 24043a98e2436ea18f1bb3c5664432b609755e45ab3e9687471ae878c4f59c0f
GET /img/b/R29vZ2xl/AVvXsEhhVWpB3JWuYovDEwDz8Jrx_VZbbi8YJ8999M0pIoW1AIzqkSee3goReXQoEPQdMbOPmxGuwdYJj-V2F_Whx5QvI2nIxM2WTWRpYGloVKT_t7X9sC85WU7CBcCX_tsGv1Vto_NoLgCraP7EfzLs-RaSW-e1fMAiByTI1HutJHRHEoGJhzI1KkcP99Q1neA/w128-h128-p-k-no-nu/01.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v9f"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01.png"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 4474
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/a/AVvXsEiRSpIuJXVgNl2M-zkwQVOPyf4VYaYyDFYW-ouRgxaug9zjsYB0YwxD02HU22qmoXKFRi2mrYEBTcisr4OcZnZSgen6vyg_0W9Hd0guY3vZvu1eunZx-4dXEGqXfLp_P47dN0mJY0Go8h-6U_BS7QtFitm50De-tiWBbhmT7shfScdeNWqDHQl9M1iY-WY=w800 | 142.250.74.97 | 200 OK | 25 kB |
URL GET HTTP/3blogger.googleusercontent.com/img/a/AVvXsEiRSpIuJXVgNl2M-zkwQVOPyf4VYaYyDFYW-ouRgxaug9zjsYB0YwxD02HU22qmoXKFRi2mrYEBTcisr4OcZnZSgen6vyg_0W9Hd0guY3vZvu1eunZx-4dXEGqXfLp_P47dN0mJY0Go8h-6U_BS7QtFitm50De-tiWBbhmT7shfScdeNWqDHQl9M1iY-WY=w800 IP142.250.74.97:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 800x225, components 3 Hash1b591fcd55baabf3fad2a146596ca2ce 4cd7a9476cf99380f5c2ee9bb8778697a0f4b0f0 82ae4fff3d22e45f08bf6c0eb91396cd86c2199d462b27d1c6151cf35c538783
GET /img/a/AVvXsEiRSpIuJXVgNl2M-zkwQVOPyf4VYaYyDFYW-ouRgxaug9zjsYB0YwxD02HU22qmoXKFRi2mrYEBTcisr4OcZnZSgen6vyg_0W9Hd0guY3vZvu1eunZx-4dXEGqXfLp_P47dN0mJY0Go8h-6U_BS7QtFitm50De-tiWBbhmT7shfScdeNWqDHQl9M1iY-WY=w800 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v5d"
expires: Fri, 19 Apr 2024 10:46:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ad2ed4d0-c2d8-4292-b182-c43a37adaa1d.jpg"
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 10:46:34 GMT
server: fife
content-length: 25249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true | 173.194.221.84 | 302 Found | 0 B |
URL GET HTTP/2accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true IP173.194.221.84:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectaccounts.google.com FingerprintCC:CB:DD:14:30:B0:75:6A:EE:1D:20:F1:9E:C5:DD:5F:DD:68:4F:7B ValidityMon, 18 Mar 2024 20:38:53 GMT - Mon, 10 Jun 2024 20:38:52 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://mastqalandernews.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mastqalandernews.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Cd1FujMhyt2NYtatTPked8Jq6VOgRQ:PG7yHVNrnhPd1cQA; Expires=Sat, 18-Apr-2026 10:46:35 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 10:46:35 GMT
location: https://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-tOva1gyGZ41w_NyBrbm13Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pl22975283.profitablegatecpm.com/f2/de/ff/f2deffa5261e1e74865e629b226ced7d.js | 192.243.59.20 | 200 OK | 16 kB |
URL GET HTTP/1.1pl22975283.profitablegatecpm.com/f2/de/ff/f2deffa5261e1e74865e629b226ced7d.js IP192.243.59.20:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectprofitablegatecpm.com Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File typeJavaScript source, ASCII text, with very long lines (44088), with no line terminators Hasha1366b23417406d706b5115d0072801c fac900633e494760604d0f32cb531e35b7f55b3f 19d56617890059028e901a4255c4d0b1781fa80fe514a5dc6ecdf53794b70377
GET /f2/de/ff/f2deffa5261e1e74865e629b226ced7d.js HTTP/1.1
Host: pl22975283.profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 10:46:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7c2d7876a2e170e7570af0d0d23b2f4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.blogger.com/img/blogger_logo_round_35.png | 216.58.207.233 | 200 OK | 2.5 kB |
URL GET HTTP/3www.blogger.com/img/blogger_logo_round_35.png IP216.58.207.233:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typePNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced Hash838622483cbfed35380b4705f19d7cca 7de684136affc969a24d61927afc18905cf2fc36 183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:41:21 GMT
expires: Wed, 24 Apr 2024 10:41:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 16 Apr 2024 15:03:57 GMT
content-type: image/png
age: 86714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| diabeteprecursor.com/watch.1276883987800.js?key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 | 172.240.108.84 | 307 Temporary Redirect | 0 B |
URL GET HTTP/1.1diabeteprecursor.com/watch.1276883987800.js?key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 IP172.240.108.84:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectdiabeteprecursor.com Fingerprint1C:22:64:65:CD:8F:40:2B:A3:ED:A2:2E:A4:63:1D:A2:32:AB:B3:82 ValidityTue, 16 Apr 2024 13:58:08 GMT - Mon, 15 Jul 2024 13:58:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1276883987800.js?key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 HTTP/1.1
Host: diabeteprecursor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mastqalandernews.blogspot.com
Access-Control-Allow-Origin: https://mastqalandernews.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://diabeteprecursor.com/watch.1276883987800.js?dev=e&key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&pst=1713437255&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&res=14.2071&rmtc=t&shu=9c6ae9877f10261d5c929ff3e8b2b185c7e53fb49e377c0c9d4b2305c6a3863f127de10cd18405a3a005c1a75baa77ac0b7b0e0f5877317edd846381145c7642f109c8f113ac86bc97684c4e64253a9855e4e18353847aa0204c5c8683c0a8&tz=0&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1
Set-Cookie: u_pl=22874349; expires=Fri, 19 Apr 2024 10:46:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjg3NDM0OSwiayI6ImRjMzEyODcwYmY3YjRkMjI0ZGI5ZGYyMzlhMTEyMGJiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzI5Nzg5LCJwaWQiOjE3Nzc2ODksImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjMsInB0Ijo0LCJwayI6InltcXVhNmIyOWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYXN0cWFsYW5kZXJuZXdzLmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.1E7dWHiaAShW_j3XG7TAL6ztc2uwBLfzCLwjYoZoA3U; expires=Thu, 18 Apr 2024 10:47:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8709ae9321f747b77ec58bfd635bf5b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.blogger.com/static/v1/v-css/2223071481-static_pages.css | 216.58.207.233 | 200 OK | 1.4 kB |
URL GET HTTP/3www.blogger.com/static/v1/v-css/2223071481-static_pages.css IP216.58.207.233:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typeASCII text, with very long lines (3841) Hashabd7446453ccdc733ba0a08169aff6c9 5c6954a63f01d55721edaa6236c5815087635333 bc75b808f349e4fcec454de341b7f80ff44fccd902b0e1109e18d5b3a35b7de3
GET /static/v1/v-css/2223071481-static_pages.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 17:58:37 GMT
expires: Wed, 16 Apr 2025 17:58:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 05:19:38 GMT
content-type: text/css
vary: Accept-Encoding
age: 146878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.blogger.com/static/v1/jsbin/671481879-analytics_autotrack.js | 216.58.207.233 | 200 OK | 8.1 kB |
URL GET HTTP/3www.blogger.com/static/v1/jsbin/671481879-analytics_autotrack.js IP216.58.207.233:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typeJavaScript source, ASCII text, with very long lines (524) Hash1c4256076fac77893331db4f22a9a41a eb8a7de989615278406bee51533b6f4f6a71c841 57f24a99b10ad3f6431e857b33b26015c29c4cccced30375d222a35f0c4f9bb1
GET /static/v1/jsbin/671481879-analytics_autotrack.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 8121
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:27 GMT
expires: Wed, 16 Apr 2025 07:14:27 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 00:55:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 185528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.blogger.com/img/blogger-logotype-color-black-1x.png | 216.58.207.233 | 200 OK | 1.2 kB |
URL GET HTTP/3www.blogger.com/img/blogger-logotype-color-black-1x.png IP216.58.207.233:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typePNG image data, 112 x 27, 8-bit colormap, non-interlaced Hasha9d652846aeacdf8da5401f6e4d4a409 6127321cafe0be999bc0c9d952715ede2b9dd83d cbad27c35fbc84e2da4280476adeb197566db2750b8b4a79eb7e872db8d8acb7
GET /img/blogger-logotype-color-black-1x.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1155
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:41:20 GMT
expires: Thu, 18 Apr 2024 17:41:20 GMT
cache-control: public, max-age=604800
last-modified: Thu, 11 Apr 2024 16:58:06 GMT
content-type: image/png
age: 579915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 | 216.58.207.233 | 200 OK | 37 kB |
URL GET HTTP/3www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 IP216.58.207.233:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.blogger.com Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17 ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (32609) Hashcfb7cff983c2ae055e6927a0e1e735b8 f79c80c5acb5a3a0100f928da5abdbd80703380a 6b1fba6e7e598c5eb935fa030b6c4cf0c1db6e65063ecb9b1c3ad6e02edb1376
GET /blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mastqalandernews.blogspot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 10:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 37418
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/css/maia.css | 142.250.74.164 | 200 OK | 12 kB |
URL GET HTTP/2www.google.com/css/maia.css IP142.250.74.164:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File typeUnicode text, UTF-8 text, with very long lines (43499), with no line terminators Hash9e914fd11c5238c50eba741a873f0896 950316ffef900ceecca4cf847c9a8c14231271da 8684a32d1a10d050a26fc33192edf427a5f0c6874c590a68d77ae6e0d186bd8a
GET /css/maia.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 12181
date: Thu, 18 Apr 2024 10:46:35 GMT
expires: Thu, 18 Apr 2024 10:46:35 GMT
cache-control: private, max-age=0
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mastqalandernews.blogspot.com/favicon.ico | 216.58.207.225 | 200 OK | 412 B |
URL GET HTTP/3mastqalandernews.blogspot.com/favicon.ico IP216.58.207.225:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.blogspot.com FingerprintA4:03:49:6F:80:6E:27:69:C4:CF:7F:94:FC:BC:3C:1F:D5:28:AE:B5 ValidityMon, 04 Mar 2024 06:55:13 GMT - Mon, 27 May 2024 06:55:12 GMT
File typeMS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel Hash59a0c7b6e4848ccdabcea0636efda02b 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: mastqalandernews.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Thu, 18 Apr 2024 10:46:35 GMT
date: Thu, 18 Apr 2024 10:46:35 GMT
cache-control: private, max-age=86400
last-modified: Thu, 18 Apr 2024 10:27:54 GMT
etag: W/"209dbee3a4e6bfd945cc620490e2e0ce1a4db49d3188279b7d43d4fa5abe77bb"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 29 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.96.1:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:35 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8ae64f442f0af8051fcb2ba46b6e8518
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 10:46:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1s%2FLC9vdsrjukI3MbZHTSDp%2BeCJbbqfMeQ1EgQfgx08rQttr%2B7JL%2BcKqw3sotUqe3o8MLotmJgTn9GxbGARK1qNZMAnMMuM3OAGKZHzd9GUrFUrgFXW0jixE8tKN9vP06YDThyoQU86dwg7FZJ1cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876412661efeb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300 | 142.250.74.138 | 200 OK | 2.2 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans:300 IP142.250.74.138:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashb777ff762cc2bb60c9e854f183f25809 2e7462daef7d6dba1f0ffeaced31916c41c81f5c da9aa49d801bac8f469c4d1480391be2f531a800c19bea17ae858abcf00d7942
GET /css?family=Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 10:46:35 GMT
date: Thu, 18 Apr 2024 10:46:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 29375
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 | 142.250.74.163 | 200 OK | 19 kB |
URL GET HTTP/3fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 IP142.250.74.163:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18704, version 1.0 Hashe4bedefe2836b39d626053935cf2f803 105fc75ff4d76c2ae06e422f6304dc9b1552389d 758015e3cb56989df5cfcf912d2c3861a62e623d386ef12d4bacf15891a4eb81
GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:34:39 GMT
expires: Fri, 11 Apr 2025 17:34:39 GMT
cache-control: public, max-age=31536000
age: 580317
last-modified: Thu, 14 Dec 2023 02:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/og/_/ss/k=og.qtm.a3zi8fXUiF0.L.F4.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTt79n3RFARCJ_GRiGdMGqawQRc7ng | 142.250.74.35 | 200 OK | 667 B |
URL GET HTTP/3www.gstatic.com/og/_/ss/k=og.qtm.a3zi8fXUiF0.L.F4.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTt79n3RFARCJ_GRiGdMGqawQRc7ng IP142.250.74.35:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeASCII text, with very long lines (1722), with no line terminators Hash86fcaa445324cbbc6a504f2ab19da873 c49068a17478dba83ec0ccbebb12071deb7034f6 9105e94ea40b0d9969d1c291c09f9de6b9871d4f75f4b95989d0444d4839de52
GET /og/_/ss/k=og.qtm.a3zi8fXUiF0.L.F4.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTt79n3RFARCJ_GRiGdMGqawQRc7ng HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 667
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:30:41 GMT
expires: Wed, 16 Apr 2025 07:30:41 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 09 Apr 2024 01:30:25 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding, Origin
age: 184555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ | 142.250.74.35 | 200 OK | 60 kB |
URL GET HTTP/3www.gstatic.com/og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ IP142.250.74.35:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1746) Hash702f6c0c58b88fff5706af50fe753619 eda888be6785315c8e7adc768c545d86509d516f 512580a3f688d2450b34c9ce9ac66d59bfd18440a2857423b4ff412d502bcbbb
GET /og/_/js/k=og.qtm.en_US.oT1FwJRCVC4.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTvBynad-nWEy1xIb9j1w6LpLOF6IQ HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-length: 59800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:30:47 GMT
expires: Wed, 16 Apr 2025 07:30:47 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 13 Apr 2024 01:39:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 184549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| diabeteprecursor.com/watch.1276883987800.js?dev=e&key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&pst=1713437255&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&res=14.2071&rmtc=t&shu=9c6ae9877f10261d5c929ff3e8b2b185c7e53fb49e377c0c9d4b2305c6a3863f127de10cd18405a3a005c1a75baa77ac0b7b0e0f5877317edd846381145c7642f109c8f113ac86bc97684c4e64253a9855e4e18353847aa0204c5c8683c0a8&tz=0&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 | 172.240.108.84 | 200 OK | 2.1 kB |
URL GET HTTP/1.1diabeteprecursor.com/watch.1276883987800.js?dev=e&key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&pst=1713437255&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&res=14.2071&rmtc=t&shu=9c6ae9877f10261d5c929ff3e8b2b185c7e53fb49e377c0c9d4b2305c6a3863f127de10cd18405a3a005c1a75baa77ac0b7b0e0f5877317edd846381145c7642f109c8f113ac86bc97684c4e64253a9855e4e18353847aa0204c5c8683c0a8&tz=0&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 IP172.240.108.84:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectdiabeteprecursor.com Fingerprint1C:22:64:65:CD:8F:40:2B:A3:ED:A2:2E:A4:63:1D:A2:32:AB:B3:82 ValidityTue, 16 Apr 2024 13:58:08 GMT - Mon, 15 Jul 2024 13:58:07 GMT
File typeJavaScript source, ASCII text, with very long lines (2690) Hash6a24c6c8bbc5481389cc5ec347f5c728 0cf4b55a597a068b34bf16a579c7a9bf361210b4 91dda2647c3d9828dea656a5bc658fac5cca5701cef3064b690a7f03aa655720
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /watch.1276883987800.js?dev=e&key=dc312870bf7b4d224db9df239a1120bb&kw=%5B%22exploring%22%2C%22the%22%2C%22world%22%5D&pst=1713437255&refer=https%3A%2F%2Fmastqalandernews.blogspot.com%2F&res=14.2071&rmtc=t&shu=9c6ae9877f10261d5c929ff3e8b2b185c7e53fb49e377c0c9d4b2305c6a3863f127de10cd18405a3a005c1a75baa77ac0b7b0e0f5877317edd846381145c7642f109c8f113ac86bc97684c4e64253a9855e4e18353847aa0204c5c8683c0a8&tz=0&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 HTTP/1.1
Host: diabeteprecursor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
Referer: https://mastqalandernews.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22874349; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjg3NDM0OSwiayI6ImRjMzEyODcwYmY3YjRkMjI0ZGI5ZGYyMzlhMTEyMGJiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNzI5Nzg5LCJwaWQiOjE3Nzc2ODksImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjgsImFpZCI6MjMsInB0Ijo0LCJwayI6InltcXVhNmIyOWYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYXN0cWFsYW5kZXJuZXdzLmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.1E7dWHiaAShW_j3XG7TAL6ztc2uwBLfzCLwjYoZoA3U
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mastqalandernews.blogspot.com
Access-Control-Allow-Origin: https://mastqalandernews.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; expires=Thu, 25 Apr 2024 10:46:35 GMT; secure; SameSite=None
iprc38158a9a1b14cfdc59ce496911b68b97=3569808; expires=Thu, 18 Apr 2024 14:46:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 10:46:35 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 10:46:35 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 19 Apr 2024 10:46:35 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 19 Apr 2024 10:46:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 79c69baf709496c0a4f44c01abfa3740
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.dCBC8e6ENbg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo8oB7UmguRctpg6togRivSNxNKjzQ/cb=gapi.loaded_0 | 142.250.74.110 | 200 OK | 41 kB |
URL GET HTTP/2apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.dCBC8e6ENbg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo8oB7UmguRctpg6togRivSNxNKjzQ/cb=gapi.loaded_0 IP142.250.74.110:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.apis.google.com FingerprintE3:82:77:FB:12:E7:1E:09:41:8D:12:01:82:E8:DB:CC:47:EB:3F:57 ValidityMon, 04 Mar 2024 07:19:24 GMT - Mon, 27 May 2024 07:19:23 GMT
File typeJavaScript source, ASCII text, with very long lines (2124) Hash65abf16ff35d7d829f4f78613063502b 2f640a30f14ca0a643a70e6a717d211b28dc9f38 933e2be0474963e1c8e5d2fc3feb2f19192b6696867214584632b71fe2816e1c
GET /_/scs/abc-static/_/js/k=gapi.gapi.en.dCBC8e6ENbg.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo8oB7UmguRctpg6togRivSNxNKjzQ/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 41188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:00:54 GMT
expires: Fri, 11 Apr 2025 17:00:54 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 31 Mar 2024 15:10:24 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 582342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| borrowedtransition.com/sbar.json?key=f2deffa5261e1e74865e629b226ced7d&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 | 172.240.127.234 | 200 OK | 8.4 kB |
URL GET HTTP/1.1borrowedtransition.com/sbar.json?key=f2deffa5261e1e74865e629b226ced7d&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 IP172.240.127.234:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
Hash481eb1572e9b8cc3666d36e7356f4e17 de300059c6bfb0cb0fa64e1c6d5238cf5d64662a 9e81235fc19eb49b59f5c85e849dceec17c5e18c318c42c12f7d31c2805deede
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=f2deffa5261e1e74865e629b226ced7d&uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489%3A3%3A1 HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:36 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mastqalandernews.blogspot.com
Access-Control-Allow-Origin: https://mastqalandernews.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22874784; expires=Fri, 19 Apr 2024 10:46:36 GMT; secure; SameSite=None
uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; expires=Thu, 25 Apr 2024 10:46:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 10:46:36 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 10:46:36 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 19 Apr 2024 10:46:36 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 19 Apr 2024 10:46:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ec7cd37667ac8673ddfba565c08610b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png | 45.133.44.10 | 200 OK | 106 kB |
URL GET HTTP/2cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png IP45.133.44.10:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced Size106 kB (105910 bytes) Hasha36b92bb68d9b579458560ba9b94862a 782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6 9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:36 GMT
content-type: image/png
content-length: 105910
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Sat, 20 Apr 2024 10:46:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| borrowedtransition.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSunuTiDwRlESQKffCwgpl098z0zLiHxRgjwbhZd1f0IlLdVT0pU93VVnVPTwJicEH2OPoXdL5JNqiL7F6FXaSz4CEg7HjKwVw8eVXYgyeZcXDcd6j3Xn1fwVffe18d5OfEQ07P1t5Te0JKutKqO%2FbFj1z3kr0pknxgDzr%2BJ37zkq37b3T9uvOa%2FQ4Pd9SK57iO4zquvS40j9RgZQJCpHe6br3r1Jte3W01MdBP9ia3YKgF1j8nL0Cw8eJD6wJEWCGJ765xs5Op9PW341zSTGn02fEHyU6iigTxvIy0hSg5nrGhzKP1B1DJ0VQuVP8%2FYiDGxPr5AYLkeCYSQf9wqjOQ4AkC9gyKfgUuKwhaIVQ3IdgjAoQMV7aQxLevKF3Q3X9ROkHHZPHxXxDFmCz%2BdgFJ%2FMOqFAP7upJ5JlRiMIhKiEEF0auQ5ifI9moQxQnC7EsI9gtZebyJJD7cMlJBsLNXWyxkgcPby7zDnOVmx%2Bsudxqsu%2By5Dd72vEbU7HSnBglRQUQVJB%2BCmgXkxkIuLOSRhTy1ELMzO3Rdt%2B2wkDqdbhg2WJsHPnNc2o5c6jp%2BB3k4%2BcMQWTpEKIcI9T5SvY8d8fWYWE%2B9CJ3%2FBLNdwrAaTDYm1vtfoM9KFJygMAQFJSgEQZERFP3yiEnjmfI2kyYP3Fn2ZrlRjlTWO6BHKuvxhIDqITQrD9Jz8vzESevjp0vs8DM78hiPItryfJe7vN3s%2BC3ue93A8%2FyQszaDESWEqYEaC3tiTDp%2FfI5UjMmS%2FRICegIjTxCKl0HzV0CLEnS7xF5yP6Ym%2B4xKmjCuE16YeiBVz6Qqq4cqBlMl0mwR2a51IM%2FJ0nS4G1t3wcPTy783poFQl0h1iU%2FFQ4KevDW6pgpyeE0VhtzbSjMRiz06Gfz1jGZ84bt3%2BW6hNNtYM8Nv3wwnwKS8c4ObbJMmTCQ9Q75fFYxxva50yMn9DfMhD67mZns110mebl59a30jTjU3RqikAp3s8J8aoRiT55ZuTHf64o9bELqCzkvE%2BSmZBYSqEKb7MOlcv1EEWs45QWqhyMuR9oL5pRQEks97GpQw%2F%2BuDeT3SdPKaivLA3EJP10Czm0jiEn1doi9LUDmEyRdGWapPL%2F86kxHI2iiQunYYSC2%2Fmdo8Oe7BiDO73Wg41O%2B23Hab8nbQ9DqR7zJKvabv%2BT5tIDPjyP772X8AAAD%2F%2FwEAAP%2F%2FZq5E%2B60EAAA%3D | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1borrowedtransition.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSunuTiDwRlESQKffCwgpl098z0zLiHxRgjwbhZd1f0IlLdVT0pU93VVnVPTwJicEH2OPoXdL5JNqiL7F6FXaSz4CEg7HjKwVw8eVXYgyeZcXDcd6j3Xn1fwVffe18d5OfEQ07P1t5Te0JKutKqO%2FbFj1z3kr0pknxgDzr%2BJ37zkq37b3T9uvOa%2FQ4Pd9SK57iO4zquvS40j9RgZQJCpHe6br3r1Jte3W01MdBP9ia3YKgF1j8nL0Cw8eJD6wJEWCGJ765xs5Op9PW341zSTGn02fEHyU6iigTxvIy0hSg5nrGhzKP1B1DJ0VQuVP8%2FYiDGxPr5AYLkeCYSQf9wqjOQ4AkC9gyKfgUuKwhaIVQ3IdgjAoQMV7aQxLevKF3Q3X9ROkHHZPHxXxDFmCz%2BdgFJ%2FMOqFAP7upJ5JlRiMIhKiEEF0auQ5ifI9moQxQnC7EsI9gtZebyJJD7cMlJBsLNXWyxkgcPby7zDnOVmx%2Bsudxqsu%2By5Dd72vEbU7HSnBglRQUQVJB%2BCmgXkxkIuLOSRhTy1ELMzO3Rdt%2B2wkDqdbhg2WJsHPnNc2o5c6jp%2BB3k4%2BcMQWTpEKIcI9T5SvY8d8fWYWE%2B9CJ3%2FBLNdwrAaTDYm1vtfoM9KFJygMAQFJSgEQZERFP3yiEnjmfI2kyYP3Fn2ZrlRjlTWO6BHKuvxhIDqITQrD9Jz8vzESevjp0vs8DM78hiPItryfJe7vN3s%2BC3ue93A8%2FyQszaDESWEqYEaC3tiTDp%2FfI5UjMmS%2FRICegIjTxCKl0HzV0CLEnS7xF5yP6Ym%2B4xKmjCuE16YeiBVz6Qqq4cqBlMl0mwR2a51IM%2FJ0nS4G1t3wcPTy783poFQl0h1iU%2FFQ4KevDW6pgpyeE0VhtzbSjMRiz06Gfz1jGZ84bt3%2BW6hNNtYM8Nv3wwnwKS8c4ObbJMmTCQ9Q75fFYxxva50yMn9DfMhD67mZns110mebl59a30jTjU3RqikAp3s8J8aoRiT55ZuTHf64o9bELqCzkvE%2BSmZBYSqEKb7MOlcv1EEWs45QWqhyMuR9oL5pRQEks97GpQw%2F%2BuDeT3SdPKaivLA3EJP10Czm0jiEn1doi9LUDmEyRdGWapPL%2F86kxHI2iiQunYYSC2%2Fmdo8Oe7BiDO73Wg41O%2B23Hab8nbQ9DqR7zJKvabv%2BT5tIDPjyP772X8AAAD%2F%2FwEAAP%2F%2FZq5E%2B60EAAA%3D IP172.240.127.234:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSunuTiDwRlESQKffCwgpl098z0zLiHxRgjwbhZd1f0IlLdVT0pU93VVnVPTwJicEH2OPoXdL5JNqiL7F6FXaSz4CEg7HjKwVw8eVXYgyeZcXDcd6j3Xn1fwVffe18d5OfEQ07P1t5Te0JKutKqO%2FbFj1z3kr0pknxgDzr%2BJ37zkq37b3T9uvOa%2FQ4Pd9SK57iO4zquvS40j9RgZQJCpHe6br3r1Jte3W01MdBP9ia3YKgF1j8nL0Cw8eJD6wJEWCGJ765xs5Op9PW341zSTGn02fEHyU6iigTxvIy0hSg5nrGhzKP1B1DJ0VQuVP8%2FYiDGxPr5AYLkeCYSQf9wqjOQ4AkC9gyKfgUuKwhaIVQ3IdgjAoQMV7aQxLevKF3Q3X9ROkHHZPHxXxDFmCz%2BdgFJ%2FMOqFAP7upJ5JlRiMIhKiEEF0auQ5ifI9moQxQnC7EsI9gtZebyJJD7cMlJBsLNXWyxkgcPby7zDnOVmx%2Bsudxqsu%2By5Dd72vEbU7HSnBglRQUQVJB%2BCmgXkxkIuLOSRhTy1ELMzO3Rdt%2B2wkDqdbhg2WJsHPnNc2o5c6jp%2BB3k4%2BcMQWTpEKIcI9T5SvY8d8fWYWE%2B9CJ3%2FBLNdwrAaTDYm1vtfoM9KFJygMAQFJSgEQZERFP3yiEnjmfI2kyYP3Fn2ZrlRjlTWO6BHKuvxhIDqITQrD9Jz8vzESevjp0vs8DM78hiPItryfJe7vN3s%2BC3ue93A8%2FyQszaDESWEqYEaC3tiTDp%2FfI5UjMmS%2FRICegIjTxCKl0HzV0CLEnS7xF5yP6Ym%2B4xKmjCuE16YeiBVz6Qqq4cqBlMl0mwR2a51IM%2FJ0nS4G1t3wcPTy783poFQl0h1iU%2FFQ4KevDW6pgpyeE0VhtzbSjMRiz06Gfz1jGZ84bt3%2BW6hNNtYM8Nv3wwnwKS8c4ObbJMmTCQ9Q75fFYxxva50yMn9DfMhD67mZns110mebl59a30jTjU3RqikAp3s8J8aoRiT55ZuTHf64o9bELqCzkvE%2BSmZBYSqEKb7MOlcv1EEWs45QWqhyMuR9oL5pRQEks97GpQw%2F%2BuDeT3SdPKaivLA3EJP10Czm0jiEn1doi9LUDmEyRdGWapPL%2F86kxHI2iiQunYYSC2%2Fmdo8Oe7BiDO73Wg41O%2B23Hab8nbQ9DqR7zJKvabv%2BT5tIDPjyP772X8AAAD%2F%2FwEAAP%2F%2FZq5E%2B60EAAA%3D HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:36 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9197c66b1e9f87e3e99bf361387c47e4
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f2deffa5261e1e74865e629b226ced7d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f2deffa5261e1e74865e629b226ced7d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 IP192.243.59.12:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=5dcdb0e7-e8d0-4829-83d9-213e7223f489&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f2deffa5261e1e74865e629b226ced7d&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 10:46:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4c1fad4e04ddb4857383a75bdf1e4ed
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=2568 | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=2568 IP172.240.127.234:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=2568 HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 172.67.141.24 | 200 OK | 6.0 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png IP172.67.141.24:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced Hashc489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5517203
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lug3Ngbyx19vQvubLXInApok3R%2FCJeF7dBDGiDjgyLwJtnub%2Be6i4DECLmyFnviXLd8aIs8bUf%2BRvgHRiu9ajVRYaljkhKh3LaaaJFIJMTkVM9Z30sl3u41yDBM9RJss3aFL%2FFRkAqkc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764127eebac5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.10 | 200 OK | 14 kB |
URL GET HTTP/2cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png IP45.133.44.10:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash962ac416cce3fad636d4904386c8d3d4 811166fceb971353dc6a9ea3a153367f20b47592 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sat, 20 Apr 2024 10:46:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=333 | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=333 IP172.240.127.234:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=333 HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=343 | 172.240.127.234 | 200 OK | 0 B |
URL GET HTTP/1.1borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=343 IP172.240.127.234:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=343 HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 29379
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 16 kB |
URL GET HTTP/2cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html IP45.133.44.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typegzip compressed data, from Unix Hashe40ff6ec8e8378c67b338bb070918d22 316e343653888baa4c3b31207e6c0717e5051faf b5e29cef7f8c6dac3e3d51b8acbc6a4f324162a977112b24473a46cf44302118
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 18 Apr 2024 11:46:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| borrowedtransition.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuunuzl91MEJQgShT54iODOdvd8m0MwxpXFNRuTiF5E6qsn5VZ3tVXd05MFMRiQHEf%2Fgt5ndrOoQZKrkCCzAQ8LQsbTHtyLJ68KOXiSGQdH30O971vPU%2FDU875f7BYnJEJBjy%2B%2BY3aU1nStVQ%2F8sx%2BE4Tl%2FU6XF0B922x%2B1m%2Bd8O3it164Hr%2FhvSb5t1qIgDIIwCP11ZWVshmszECq72wvrvaDejOphq4mh%2FW%2FvCg%2BOehCDE%2FIclJiuPPJOQ%2FEJ0uTeRem2c5O9%2BmZSaJobi4E4eC%2FdTk2ZIlmWsfUQpwcLNox7vP4QJt2fy4UZ%2FENkakq8Hx%2BCpQcLkWCDvblOpiFTMPEUysEEUk%2Bg6ATc3IISjwnABS5tIU3uXDK2pDf%2BRukMnZKVJ39AlVOy8stppMl3F7Qa%2BleNLnJlUodhXEENJ1D9CbLiEPlODao8BM8%2FhxI%2FkbUnm0iTvS2nDZQ4frkluGCB7KzKrghWm92ot9ptiN5qFDZkJ4oacbPbmxuk1AQqnkDLEag7hcJ5KJSHIvZQZB4ScezzMAw7geA06PY4b4iOZG0RhLQThzQM2l0UfPaHEfJsBK5H4PYmMnsT2%2BrLKfH%2B9zxs8QPc9QpO1ODyKfHe%2FQwDUaGUBKUjKClBqQjKnKAcVPtCu8hVd4R2BQsXOVrkRjU2eX%2BX7pu8L1MCakewotrNTsizMye9D%2F9fYVse%2B3EkZBzTVtQOZSg7zW67JdtRj0VRm0vREXCqgnI1UOdhR01J97dPkakpOeO%2FAEYP4fQhuHoRtHgJtKxAr1fYSR8k1OWfUE1TIW0qS1dn2vRdZvI6NwmEqZDlK8hveLv6hJyZD3dj6x4kPzr%2Fa2Me4LZCZit8rB4R9PXt8RVTkr0rpnTk%2FlaWq0Tt0Nngr%2BY0l6e%2BeVveKI0VGxfd6OvX%2BQyYlXevSZdv0lSotO%2FItxeUENKuG8slebDh3pfscuGuXyhsWmSbl99Y30gyK51TJp2Aznb4dwuupuSZM9fmO332%2By0oO4EtKiTFEVkElJmAZzfhsqV%2BZwisXnJY5qEsqrGN2PJSKwItlz1lFdy%2Ferasx5bOXlNV7brb6NsaaH4LaVJhYCsMdAWqR3DFqXGe2aPzPy9kMF0bM21re0xb%2FdXc5tlxH04d%2B41AdJiMZYfJZqsZSy5Yq8UCHnPWEN0uR%2B6msf%2Fn038BAAD%2F%2FwEAAP%2F%2F5nqRE60EAAA%3D | 172.240.127.234 | 200 OK | 7 B |
URL GET HTTP/1.1borrowedtransition.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuunuzl91MEJQgShT54iODOdvd8m0MwxpXFNRuTiF5E6qsn5VZ3tVXd05MFMRiQHEf%2Fgt5ndrOoQZKrkCCzAQ8LQsbTHtyLJ68KOXiSGQdH30O971vPU%2FDU875f7BYnJEJBjy%2B%2BY3aU1nStVQ%2F8sx%2BE4Tl%2FU6XF0B922x%2B1m%2Bd8O3it164Hr%2FhvSb5t1qIgDIIwCP11ZWVshmszECq72wvrvaDejOphq4mh%2FW%2FvCg%2BOehCDE%2FIclJiuPPJOQ%2FEJ0uTeRem2c5O9%2BmZSaJobi4E4eC%2FdTk2ZIlmWsfUQpwcLNox7vP4QJt2fy4UZ%2FENkakq8Hx%2BCpQcLkWCDvblOpiFTMPEUysEEUk%2Bg6ATc3IISjwnABS5tIU3uXDK2pDf%2BRukMnZKVJ39AlVOy8stppMl3F7Qa%2BleNLnJlUodhXEENJ1D9CbLiEPlODao8BM8%2FhxI%2FkbUnm0iTvS2nDZQ4frkluGCB7KzKrghWm92ot9ptiN5qFDZkJ4oacbPbmxuk1AQqnkDLEag7hcJ5KJSHIvZQZB4ScezzMAw7geA06PY4b4iOZG0RhLQThzQM2l0UfPaHEfJsBK5H4PYmMnsT2%2BrLKfH%2B9zxs8QPc9QpO1ODyKfHe%2FQwDUaGUBKUjKClBqQjKnKAcVPtCu8hVd4R2BQsXOVrkRjU2eX%2BX7pu8L1MCakewotrNTsizMye9D%2F9fYVse%2B3EkZBzTVtQOZSg7zW67JdtRj0VRm0vREXCqgnI1UOdhR01J97dPkakpOeO%2FAEYP4fQhuHoRtHgJtKxAr1fYSR8k1OWfUE1TIW0qS1dn2vRdZvI6NwmEqZDlK8hveLv6hJyZD3dj6x4kPzr%2Fa2Me4LZCZit8rB4R9PXt8RVTkr0rpnTk%2FlaWq0Tt0Nngr%2BY0l6e%2BeVveKI0VGxfd6OvX%2BQyYlXevSZdv0lSotO%2FItxeUENKuG8slebDh3pfscuGuXyhsWmSbl99Y30gyK51TJp2Aznb4dwuupuSZM9fmO332%2By0oO4EtKiTFEVkElJmAZzfhsqV%2BZwisXnJY5qEsqrGN2PJSKwItlz1lFdy%2Ferasx5bOXlNV7brb6NsaaH4LaVJhYCsMdAWqR3DFqXGe2aPzPy9kMF0bM21re0xb%2FdXc5tlxH04d%2B41AdJiMZYfJZqsZSy5Yq8UCHnPWEN0uR%2B6msf%2Fn038BAAD%2F%2FwEAAP%2F%2F5nqRE60EAAA%3D IP172.240.127.234:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuunuzl91MEJQgShT54iODOdvd8m0MwxpXFNRuTiF5E6qsn5VZ3tVXd05MFMRiQHEf%2Fgt5ndrOoQZKrkCCzAQ8LQsbTHtyLJ68KOXiSGQdH30O971vPU%2FDU875f7BYnJEJBjy%2B%2BY3aU1nStVQ%2F8sx%2BE4Tl%2FU6XF0B922x%2B1m%2Bd8O3it164Hr%2FhvSb5t1qIgDIIwCP11ZWVshmszECq72wvrvaDejOphq4mh%2FW%2FvCg%2BOehCDE%2FIclJiuPPJOQ%2FEJ0uTeRem2c5O9%2BmZSaJobi4E4eC%2FdTk2ZIlmWsfUQpwcLNox7vP4QJt2fy4UZ%2FENkakq8Hx%2BCpQcLkWCDvblOpiFTMPEUysEEUk%2Bg6ATc3IISjwnABS5tIU3uXDK2pDf%2BRukMnZKVJ39AlVOy8stppMl3F7Qa%2BleNLnJlUodhXEENJ1D9CbLiEPlODao8BM8%2FhxI%2FkbUnm0iTvS2nDZQ4frkluGCB7KzKrghWm92ot9ptiN5qFDZkJ4oacbPbmxuk1AQqnkDLEag7hcJ5KJSHIvZQZB4ScezzMAw7geA06PY4b4iOZG0RhLQThzQM2l0UfPaHEfJsBK5H4PYmMnsT2%2BrLKfH%2B9zxs8QPc9QpO1ODyKfHe%2FQwDUaGUBKUjKClBqQjKnKAcVPtCu8hVd4R2BQsXOVrkRjU2eX%2BX7pu8L1MCakewotrNTsizMye9D%2F9fYVse%2B3EkZBzTVtQOZSg7zW67JdtRj0VRm0vREXCqgnI1UOdhR01J97dPkakpOeO%2FAEYP4fQhuHoRtHgJtKxAr1fYSR8k1OWfUE1TIW0qS1dn2vRdZvI6NwmEqZDlK8hveLv6hJyZD3dj6x4kPzr%2Fa2Me4LZCZit8rB4R9PXt8RVTkr0rpnTk%2FlaWq0Tt0Nngr%2BY0l6e%2BeVveKI0VGxfd6OvX%2BQyYlXevSZdv0lSotO%2FItxeUENKuG8slebDh3pfscuGuXyhsWmSbl99Y30gyK51TJp2Aznb4dwuupuSZM9fmO332%2By0oO4EtKiTFEVkElJmAZzfhsqV%2BZwisXnJY5qEsqrGN2PJSKwItlz1lFdy%2Ferasx5bOXlNV7brb6NsaaH4LaVJhYCsMdAWqR3DFqXGe2aPzPy9kMF0bM21re0xb%2FdXc5tlxH04d%2B41AdJiMZYfJZqsZSy5Yq8UCHnPWEN0uR%2B6msf%2Fn038BAAD%2F%2FwEAAP%2F%2F5nqRE60EAAA%3D HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 771df692e7ded4d378cf1fd8e433bd32
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=332 | 172.240.108.84 | 200 OK | 0 B |
URL GET HTTP/1.1borrowedtransition.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=332 IP172.240.108.84:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=332 HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 172.67.141.24 | 200 OK | 1.1 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css IP172.67.141.24:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash630f303dfe147dec2c4a226287393b69 3e9f8270b84e09595181bd55de6785a89f53ba10 967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJWQOnqJJqu370IfSErtpz6lqA8BJvdHmxLx%2FHrPtpH4i0UuNuO9XblcnoVksSCjIqo2ORr%2Bh0tlVI85Mfna%2BR6eNToxfiWUKIVCv2Xt8QrvZjKydj0gYuiTOaEBb9xEX2nKxnCfe8YN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764127e4abb5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 172.67.141.24 | 200 OK | 79 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css IP172.67.141.24:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hashfc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaSNJAvyegTl8HbRmQGDJIKr8mAih0685YAme2KJiHt4IwH%2BvaVnUNlBe6jDGfweL%2BjL7TEp0oiNEIdXvOZJ7dKpBIaBzBRgwtjjF4%2FAZfyMnr2o47mnmKVoNguMy9ohnKayzyayfU9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764127e5abe5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg | 142.250.74.35 | 200 OK | 1.7 kB |
URL GET HTTP/3www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg IP142.250.74.35:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash2cb599972aacff104a16ddb0dfc2eac8 ac3ac0bee793cc2a2a8b61054a600e224155dbe8 31df42127cf0745fb22d0bdbce18d66dc61944a25052927af096fef620f66e0d
GET /images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 14 Apr 2024 16:04:23 GMT
expires: Mon, 14 Apr 2025 16:04:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 326533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 172.67.141.24 | 200 OK | 90 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js IP172.67.141.24:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hash561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4247855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BU%2FKHtTVcair4eeqSZZSI12c4d7usW31kzbxsvkU2aBaesTt0HBpz8Q%2BA67UcB2zehJLh%2BrNho1KIdIRD1c3CpXaBPkIzA9Tkr61jeIrCsNLZiyQwTqaHRIu%2FUYAGJXz9m91tJgZ8JH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764127eebb35697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.138 | 200 OK | 7.0 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.138:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (7193), with no line terminators Hash16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 10:46:39 GMT
date: Thu, 18 Apr 2024 10:46:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| borrowedtransition.com/pixel/sbs?c=1 | 172.240.108.84 | 200 OK | 0 B |
URL GET HTTP/1.1borrowedtransition.com/pixel/sbs?c=1 IP172.240.108.84:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerLet's Encrypt Subjectborrowedtransition.com Fingerprint70:9C:05:60:66:83:51:51:B7:24:55:50:76:45:94:A0:A7:D5:7F:97 ValidityTue, 16 Apr 2024 14:01:04 GMT - Mon, 15 Jul 2024 14:01:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: borrowedtransition.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Cookie: u_pl=22874784; uid_id2=5dcdb0e7-e8d0-4829-83d9-213e7223f489:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 10:46:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700 | 142.250.74.138 | 200 OK | 5.8 kB |
URL GET HTTP/2fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700 IP142.250.74.138:443
Requested byhttps://www.blogger.com/blogin.g?blogspotURL=https://mastqalandernews.blogspot.com/&type=blog&bpli=1 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (5919), with no line terminators Hash157caad684df07cb92e10ec7fbf85bbd 2569f0646578c4ad5a08d07d1e0a7d6b63302b6d 4c1aaf2eb3d702b7760accdc3e3d9d7216c0338bdae006c98855ef2855cbce3d
GET /css?lang=no&family=Product+Sans|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 10:46:35 GMT
date: Thu, 18 Apr 2024 10:46:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 172.67.141.24 | 200 OK | 382 B |
URL GET HTTP/2cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js IP172.67.141.24:443
Requested byhttps://mastqalandernews.blogspot.com/ CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeASCII text, with very long lines (411), with no line terminators Hash9ffae600059bf4e6adb35ebb274ae385 6130e466c04551baa2a5d650e6bd5a87daba73a7 a7d15e051fb3d3c31494683306bb7752478354894825b110d26d333cbeaaeb39
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mastqalandernews.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://mastqalandernews.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:46:39 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTK4f6eLNCSNK%2Bl5CFHj7B%2BkHnTK8%2FUuIENeXvl1pQgkSPPao2Gm1QbFrk623duLsxoFwMT%2FIHuamvZZ3uRMSsQp5Qrc7KSLV0U7s98WA52qfKVCah8qQkWpiGb3KX5czk6fSDxcUTWc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764127f6ca55697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|