| baan-seriestv.blogspot.com/ | 216.58.207.193 | 200 OK | 34 kB |
URL: baan-seriestv.blogspot.com/ (user request; GET over HTTP/2)
IP: 216.58.207.193:443
Certificate issuer: Google Trust Services LLC
Certificate subject: misc-sni.blogspot.com
Certificate fingerprint (SHA-1): C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00
Certificate validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: HTML document, ASCII text, with very long lines (13792)
MD5: 4d197d5d0c0586b13d44e43b9f5db414
SHA-1: b61514daf819c4277955e967375d124c3eb4b5b2
SHA-256: f23c122dbcb0fbadb778f10072c932749bfba6148b1106ce8a011497da5dd585
GET / HTTP/1.1
Host: baan-seriestv.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 04 May 2024 08:16:32 GMT
date: Sat, 04 May 2024 08:16:32 GMT
cache-control: private, max-age=0
last-modified: Tue, 16 Apr 2024 02:44:25 GMT
etag: W/"4d3643184c2839d5f3d4243a0207767ad52db9172cc99a72c273e8a118fe532c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 33891
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| baan-seriestv.blogspot.com/js/cookienotice.js | 216.58.207.193 | 200 OK | 2.0 kB |
URL: baan-seriestv.blogspot.com/js/cookienotice.js (GET over HTTP/3)
IP: 216.58.207.193:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: misc-sni.blogspot.com
Certificate fingerprint (SHA-1): C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00
Certificate validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: JavaScript source, ASCII text
MD5: a705132a2174f88e196ec3610d68faa8
SHA-1: 3bad57a48d973a678fec600d45933010f6edc659
SHA-256: 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: baan-seriestv.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 04 May 2024 08:16:33 GMT
expires: Sat, 11 May 2024 08:16:33 GMT
cache-control: public, max-age=604800
last-modified: Sat, 04 May 2024 05:55:46 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.blogger.com/static/v1/widgets/4290687098-widgets.js | 216.58.207.233 | 200 OK | 51 kB |
URL: www.blogger.com/static/v1/widgets/4290687098-widgets.js (GET over HTTP/2)
IP: 216.58.207.233:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.blogger.com
Certificate fingerprint (SHA-1): C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
Certificate validity: Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: JavaScript source, ASCII text, with very long lines (1941)
MD5: 30490c5bf1c9a62c3f7aaf45de530b69
SHA-1: 89fdf91f40944a3babf7d9f485cbfbcc32454d50
SHA-256: b7c68fe77654ca4d42928e0a0ea49c642de2887b1ef65e5123105f5359390d49
GET /static/v1/widgets/4290687098-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51402
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:08:26 GMT
expires: Fri, 02 May 2025 02:08:26 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 May 2024 23:54:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 194887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| resources.blogblog.com/html/buttons/blogger-powerby-blue.gif | 216.58.207.233 | 200 OK | 1.0 kB |
URL: resources.blogblog.com/html/buttons/blogger-powerby-blue.gif (GET over HTTP/2)
IP: 216.58.207.233:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.blogger.com
Certificate fingerprint (SHA-1): C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
Certificate validity: Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: GIF image data, version 89a, 88 x 30
MD5: a9760f09d59ff6575e57cecc878c6ade
SHA-1: 32fbb7823860c54ac2fb0639399ec7a42ae6bc32
SHA-256: 29ac6786094ff0fb6e51d466cd1745d60e2ce3b3d3cf051edf1fd6ccc2ad69cd
GET /html/buttons/blogger-powerby-blue.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:17:55 GMT
expires: Thu, 09 May 2024 02:17:55 GMT
cache-control: public, max-age=604800
last-modified: Tue, 30 Apr 2024 23:56:35 GMT
content-type: image/gif
age: 194318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| resources.blogblog.com/img/widgets/icon_wikipedia_w.png | 216.58.207.233 | 200 OK | 410 B |
URL: resources.blogblog.com/img/widgets/icon_wikipedia_w.png (GET over HTTP/2)
IP: 216.58.207.233:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.blogger.com
Certificate fingerprint (SHA-1): C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
Certificate validity: Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: PNG image data, 43 x 28, 8-bit colormap, non-interlaced
MD5: 6d98867f58398a6017b729f147d7713d
SHA-1: 6b51125eb6a5b8254a3465474322a768a53acfef
SHA-256: 21f335cf5dc6e2a74037fef424c8686d125d6cd01e196b8a4db759de0cc29d26
GET /img/widgets/icon_wikipedia_w.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 410
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 15:14:32 GMT
expires: Thu, 09 May 2024 15:14:32 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 May 2024 21:56:23 GMT
content-type: image/png
age: 147721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| apis.google.com/js/platform.js | 142.250.74.46 | 200 OK | 21 kB |
URL: apis.google.com/js/platform.js (GET over HTTP/2)
IP: 142.250.74.46:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.apis.google.com
Certificate fingerprint (SHA-1): A7:D6:BC:77:0E:91:14:D7:D6:8D:A4:E5:4C:00:57:E1:44:DB:F2:8B
Certificate validity: Tue, 16 Apr 2024 04:20:57 GMT - Tue, 09 Jul 2024 04:20:56 GMT
File type: JavaScript source, ASCII text, with very long lines (2050)
MD5: e66acfdb2f1dfcff8c6dba736dd4ab6d
SHA-1: 36026360b6c8d750488ef2c739e04969f8c5bcd7
SHA-256: 742841b3cf614dd55ce486a7335018bd1992c4d05ef74b45a0781318075a99f3
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21303
date: Sat, 04 May 2024 08:16:33 GMT
expires: Sat, 04 May 2024 08:16:33 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d8cc7aca923e8ade"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js | 142.250.74.99 | 200 OK | 3.5 kB |
URL: www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js (GET over HTTP/2)
IP: 142.250.74.99:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (10473)
MD5: 158013acb7e269a3dbe18de855656c97
SHA-1: 08fa355584fc849539b3f04589ae6f61eb4a7d98
SHA-256: 92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 08:16:33 GMT
expires: Sat, 04 May 2024 08:16:33 GMT
cache-control: public, max-age=0
age: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| resources.blogblog.com/blogblog/data/res/2217963473-vegeclub_compiled.js | 216.58.207.233 | 200 OK | 46 kB |
URL: resources.blogblog.com/blogblog/data/res/2217963473-vegeclub_compiled.js (GET over HTTP/2)
IP: 216.58.207.233:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.blogger.com
Certificate fingerprint (SHA-1): C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64
Certificate validity: Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: JavaScript source, ASCII text, with very long lines (2176)
MD5: 8b604d75a97e752949f37e09df0aadf2
SHA-1: 20894232b2f6c50fc247ea92f32603518a5bde99
SHA-256: 018335a1bf5622fc813e66815c77cab0664d7dcf1016cfac0d6dac2ecff9c6de
GET /blogblog/data/res/2217963473-vegeclub_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46330
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:33:41 GMT
expires: Thu, 09 May 2024 23:33:41 GMT
cache-control: public, max-age=604800
last-modified: Thu, 02 May 2024 11:52:57 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 117772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pl19605337.highcpmrevenuegate.com/6f04a9e1b188278c7175c138eae2548c/invoke.js | 172.240.108.84 | 200 OK | 9.8 kB |
URL: pl19605337.highcpmrevenuegate.com/6f04a9e1b188278c7175c138eae2548c/invoke.js (GET over HTTP/1.1)
IP: 172.240.108.84:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Let's Encrypt
Certificate subject: highcpmrevenuegate.com
Certificate fingerprint (SHA-1): 39:91:56:A1:A4:D3:84:A5:5B:5C:6A:E2:3E:64:5C:F3:21:81:0C:F0
Certificate validity: Wed, 27 Mar 2024 07:16:22 GMT - Tue, 25 Jun 2024 07:16:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (26569), with no line terminators
MD5: 2ab2da1ec12cc22a7904aa745ddf759c
SHA-1: 09fa356d746484bb3b14d215e39cb06360df5888
SHA-256: 4252a849d0c8fde5266031037e2ee1e9c2cd112b9af2cf86a2cadf72f8200d93
Analyzer: Quad9 DNS; verdict: malicious; alert: Sinkholed
GET /6f04a9e1b188278c7175c138eae2548c/invoke.js HTTP/1.1
Host: pl19605337.highcpmrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21c152b5b47d8dbddda017891db91590
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
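The Quad9 DNS verdict attached to this script (malicious, sinkholed) is the kind of result you get by asking a filtering resolver and a non-filtering one for the same name and comparing the answers. The Python below is an added example, not part of the original report and not Quad9's tooling: it classifies a host from the two answers, using the IPs this capture recorded as the non-filtering answers and made-up filtering answers (NXDOMAIN, 0.0.0.0, 198.51.100.7) to exercise every branch. The dnspython-based live resolver at the end is assumed tooling; the category names are my own.

```python
"""Resolver comparison behind a "malicious / sinkholed" DNS verdict (added
example, not part of the original report). A filtering resolver either denies a
blocked name (NXDOMAIN/REFUSED) or answers with a blackhole address; comparing
its answer with a non-filtering resolver's answer for the same name shows which.
Resolvers are plain callables so the logic runs offline against the constructed
answers below."""
from typing import Callable, Dict, List, Optional

# None models NXDOMAIN / REFUSED; a list models the A records returned.
Answer = Optional[List[str]]
Resolver = Callable[[str], Answer]

# Addresses commonly used as blackhole answers by RPZ-style filtering.
SINKHOLE_ADDRS = {"0.0.0.0", "127.0.0.1", "::", "::1"}

# Constructed answers. The non-filtering side uses the IPs this capture recorded
# for each host; the filtering side is made up so that every branch is hit.
PLAIN: Dict[str, Answer] = {
    "www.blogger.com": ["216.58.207.233"],
    "pl19605337.highcpmrevenuegate.com": ["172.240.108.84"],
    "pl19428807.highwaycpmrevenue.com": ["172.240.108.76"],
    "pl19428785.highwaycpmrevenue.com": ["192.243.59.20"],
    "does-not-exist.example": None,
}
FILTERING: Dict[str, Answer] = {
    "www.blogger.com": ["216.58.207.233"],
    "pl19605337.highcpmrevenuegate.com": None,             # denied with NXDOMAIN
    "pl19428807.highwaycpmrevenue.com": ["0.0.0.0"],       # blackhole answer
    "pl19428785.highwaycpmrevenue.com": ["198.51.100.7"],  # different, non-blackhole answer
    "does-not-exist.example": None,
}


def table_resolver(table: Dict[str, Answer]) -> Resolver:
    """Offline resolver backed by a dict; normalises trailing dot and case."""
    return lambda name: table.get(name.rstrip(".").lower())


def classify(name: str, filtering: Resolver, plain: Resolver) -> str:
    """Compare a filtering and a non-filtering resolver's answers for one name."""
    f, p = filtering(name), plain(name)
    if f is None:
        # Nobody knows the name: no evidence of filtering. Known upstream but
        # denied by the filtering side: the usual shape of a block.
        return "nonexistent" if p is None else "blocked"
    if set(f) <= SINKHOLE_ADDRS:
        return "sinkholed"  # answered, but only with blackhole addresses
    if p is None or set(f).isdisjoint(p):
        return "diverging"  # could be a sinkhole, could be CDN geo-steering
    return "clean"


def verdicts(names: List[str], filtering: Resolver, plain: Resolver) -> Dict[str, str]:
    return {n: classify(n, filtering, plain) for n in names}


def dnspython_resolver(nameserver: str) -> Resolver:
    """Live resolver pinned to one nameserver (e.g. "9.9.9.9"); assumes dnspython."""
    def resolve(name: str) -> Answer:
        import dns.resolver  # imported lazily so the offline part needs no dependency
        r = dns.resolver.Resolver(configure=False)
        r.nameservers = [nameserver]
        try:
            return sorted(rr.address for rr in r.resolve(name, "A"))
        except (dns.resolver.NXDOMAIN, dns.resolver.NoAnswer, dns.resolver.NoNameservers):
            return None
    return resolve
```

Treat "diverging" as a lead rather than a verdict: a CDN-fronted host can legitimately hand different addresses to different resolvers, so only a denied answer or a blackhole address from the filtering side is positive evidence of a block. Pair the live resolver with a non-filtering one (for example the authoritative servers or a resolver you control) rather than a second public filtering service.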
| pl19428807.highwaycpmrevenue.com/4e/a9/68/4ea9680bb47519cb87e7e0446f253266.js | 172.240.108.76 | 200 OK | 31 kB |
URL: pl19428807.highwaycpmrevenue.com/4e/a9/68/4ea9680bb47519cb87e7e0446f253266.js (GET over HTTP/1.1)
IP: 172.240.108.76:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Let's Encrypt
Certificate subject: highwaycpmrevenue.com
Certificate fingerprint (SHA-1): 7E:4C:58:E9:04:A1:4B:7B:5F:E4:89:4C:7C:82:DF:76:22:D8:22:16
Certificate validity: Mon, 04 Mar 2024 06:35:44 GMT - Sun, 02 Jun 2024 06:35:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
MD5: 07d66f878f0f88cb52c467122955d2a1
SHA-1: 3667d59a4b1ab9efec5679c13ffe77d260c9bc25
SHA-256: e6d5e87279da782c756e81a4278a5f2939dc739b6fd096beb87c70ccf034d064
Analyzer: Quad9 DNS; verdict: malicious; alert: Sinkholed
GET /4e/a9/68/4ea9680bb47519cb87e7e0446f253266.js HTTP/1.1
Host: pl19428807.highwaycpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46067836aeb5b77a92ee87a284e2d038
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| pl19428785.highcpmrevenuegate.com/65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js | 172.240.127.234 | 200 OK | 16 kB |
URL: pl19428785.highcpmrevenuegate.com/65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js (GET over HTTP/1.1)
IP: 172.240.127.234:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Let's Encrypt
Certificate subject: highcpmrevenuegate.com
Certificate fingerprint (SHA-1): 39:91:56:A1:A4:D3:84:A5:5B:5C:6A:E2:3E:64:5C:F3:21:81:0C:F0
Certificate validity: Wed, 27 Mar 2024 07:16:22 GMT - Tue, 25 Jun 2024 07:16:21 GMT
File type: JavaScript source, ASCII text, with very long lines (45320), with no line terminators
MD5: 7e8e980bfdb37af4a01d68ae9d286cc0
SHA-1: f079d686e7a9c4e8f62d7fe65cc7550e7792a9b6
SHA-256: 51d28d31b2f4de99e2242c0be4c6c269bc3d041306982a7e73b9c443776b3966
Analyzer: Quad9 DNS; verdict: malicious; alert: Sinkholed
GET /65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js HTTP/1.1
Host: pl19428785.highcpmrevenuegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Tue, 07 May 2024 11:16:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 322afb0a602e9be365545959ec07667b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| pl19428785.highwaycpmrevenue.com/65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js | 192.243.59.20 | 200 OK | 16 kB |
URL: pl19428785.highwaycpmrevenue.com/65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js (GET over HTTP/1.1)
IP: 192.243.59.20:443
ASN: AS39572 DataWeb Global Group B.V.
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Let's Encrypt
Certificate subject: highwaycpmrevenue.com
Certificate fingerprint (SHA-1): 7E:4C:58:E9:04:A1:4B:7B:5F:E4:89:4C:7C:82:DF:76:22:D8:22:16
Certificate validity: Mon, 04 Mar 2024 06:35:44 GMT - Sun, 02 Jun 2024 06:35:43 GMT
File type: JavaScript source, ASCII text, with very long lines (44041), with no line terminators
MD5: 3b83477bc3153ec78b54a947715a6e48
SHA-1: 20989d19eb7ce3472d6860c713951350331c8ea2
SHA-256: 82f2d5b627967e0f9c0d8a106ea62ecf768e276e73ba6770fda57f1c449e3c02
Analyzer: Quad9 DNS; verdict: malicious; alert: Sinkholed
GET /65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js HTTP/1.1
Host: pl19428785.highwaycpmrevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 08:16:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=0; expires=Tue, 07 May 2024 11:16:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0123544689298c4ccdd7b1bbc04676d1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
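Taken together, the four ad-network responses above all allow any origin via Access-Control-Allow-Origin: *, all send Strict-Transport-Security with max-age=0 (which tells the browser to discard any HSTS entry it holds for that host rather than enforce one), and two of them set a cookie with SameSite=None from a cross-site script load. The first exchange on this page also shows the blogspot HTML arriving with x-content-type-options and x-xss-protection but no Content-Security-Policy. The Python below is an added example, not code from the original report: it parses request/response dumps in the layout used on this page and emits those findings, plus every cross-site script load (Sec-Fetch-Dest: script with Sec-Fetch-Site: cross-site). SAMPLE is constructed from trimmed exchanges of this capture, and the finding names are my own.

```python
"""Triage of a raw HTTP transcript laid out like this capture (added example).
Flags cross-site script loads, CORS wildcards, SameSite=None cookies, HSTS
max-age=0 and HTML documents served without a Content-Security-Policy."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample: three exchanges copied from this capture, trimmed to the
# headers the checks below look at.
SAMPLE = """\
GET / HTTP/1.1
Host: baan-seriestv.blogspot.com
Sec-Fetch-Dest: document
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
GET /static/v1/widgets/4290687098-widgets.js HTTP/1.1
Host: www.blogger.com
Sec-Fetch-Dest: script
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
GET /65/d9/33/65d9338a0de48da83a51dda015ac0fc8.js HTTP/1.1
Host: pl19428785.highcpmrevenuegate.com
Sec-Fetch-Dest: script
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3448=1; expires=Tue, 07 May 2024 11:16:33 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=0; includeSubdomains
"""

REQ_LINE = re.compile(r"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|PATCH) (\S+) HTTP/\d(?:\.\d)?$")
STATUS_LINE = re.compile(r"^HTTP/\d(?:\.\d)? (\d{3})\b")
Headers = Dict[str, List[str]]  # lower-cased field name -> values in wire order

@dataclass
class Exchange:
    method: str
    path: str
    req: Headers = field(default_factory=dict)
    status: Optional[int] = None
    resp: Headers = field(default_factory=dict)

def first(h: Headers, name: str) -> Optional[str]:
    """First value of a header, or None when it was not sent."""
    return h.get(name, [None])[0]

def parse_transcript(text: str) -> List[Exchange]:
    """Split a request/response dump into Exchange records."""
    exchanges: List[Exchange] = []
    target: Headers = {}  # header dict that the next "Name: value" line belongs to
    for line in filter(None, map(str.rstrip, text.splitlines())):
        if m := REQ_LINE.match(line):
            exchanges.append(Exchange(m.group(1), m.group(2)))
            target = exchanges[-1].req
        elif exchanges and (m := STATUS_LINE.match(line)):
            exchanges[-1].status = int(m.group(1))
            target = exchanges[-1].resp
        elif exchanges and ":" in line:
            name, _, value = line.partition(":")
            target.setdefault(name.strip().lower(), []).append(value.strip())
    return exchanges

def hsts_max_age(value: str) -> Optional[int]:
    """max-age from a Strict-Transport-Security value; None if absent or malformed."""
    for directive in value.split(";"):
        k, _, v = directive.strip().partition("=")
        if k.strip().lower() == "max-age":
            return int(v.strip()) if v.strip().isdigit() else None
    return None

def cookie_attrs(set_cookie: str) -> Tuple[str, Dict[str, str]]:
    """(cookie name, {lower-cased attribute: value}) from a Set-Cookie value."""
    name_value, *rest = (p.strip() for p in set_cookie.split(";"))
    attrs = {k.strip().lower(): v.strip() for k, _, v in (p.partition("=") for p in rest)}
    return name_value.partition("=")[0].strip(), attrs

def triage(exchanges: List[Exchange]) -> List[Tuple[str, str]]:
    """(finding kind, subject) pairs in transcript order."""
    out: List[Tuple[str, str]] = []
    for ex in exchanges:
        host = first(ex.req, "host") or ""
        dest, site = first(ex.req, "sec-fetch-dest"), first(ex.req, "sec-fetch-site")
        if dest == "script" and site == "cross-site":
            out.append(("third-party-script", f"https://{host}{ex.path}"))
        if first(ex.resp, "access-control-allow-origin") == "*":
            out.append(("cors-any-origin", host))
        for sc in ex.resp.get("set-cookie", []):
            name, attrs = cookie_attrs(sc)
            if attrs.get("samesite", "").lower() == "none":
                out.append(("third-party-cookie", f"{host} {name}"))
        hsts = first(ex.resp, "strict-transport-security")
        if hsts is not None and hsts_max_age(hsts) == 0:
            out.append(("hsts-cleared", host))  # max-age=0 removes the stored HSTS entry
        if dest == "document" and ex.status == 200 and "content-security-policy" not in ex.resp:
            out.append(("document-without-csp", f"https://{host}{ex.path}"))
    return out
```

The parser keys only on the request line and the status line, so it copes with the mix of HTTP/1.1-style request lines and HTTP/2 or HTTP/3 status lines in this dump, and it keeps repeated headers such as Set-Cookie in wire order instead of collapsing them. Run `triage(parse_transcript(open("dump.txt").read()))` on a full capture to get the same findings for every resource.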
| baan-seriestv.blogspot.com/responsive/sprite_v1_6.css.svg | 216.58.207.193 | 200 OK | 2.2 kB |
URL: baan-seriestv.blogspot.com/responsive/sprite_v1_6.css.svg (GET over HTTP/3)
IP: 216.58.207.193:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: misc-sni.blogspot.com
Certificate fingerprint (SHA-1): C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00
Certificate validity: Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: SVG Scalable Vector Graphics image
MD5: d4dcfc8144f556815c7a1d84ed4e959e
SHA-1: 22088bd6cdf970dcf7bfab9a74a4768548ca8890
SHA-256: 73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: baan-seriestv.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: image/svg+xml
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2244
date: Sat, 04 May 2024 08:16:34 GMT
expires: Sat, 11 May 2024 08:16:34 GMT
cache-control: public, max-age=604800
last-modified: Fri, 03 May 2024 19:58:02 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 | 142.250.74.163 | 200 OK | 35 kB |
URL: fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 (GET over HTTP/2)
IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
MD5: 0e8eefb4549a2edf26c560cb9845952e
SHA-1: 8d0b1718aacad934fd0043c87cbc54aa091396bf
SHA-256: 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:06:39 GMT
expires: Fri, 02 May 2025 17:06:39 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
age: 140995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 | 142.250.74.163 | 200 OK | 30 kB |
URL: fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 (GET over HTTP/2)
IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 30480, version 1.0
MD5: 0e7e5f9d3a8ef121149827180b790b5c
SHA-1: 0e9f9333078e5df9245630ff6f68ba1d9da3c403
SHA-256: e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:16:01 GMT
expires: Fri, 02 May 2025 02:16:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
age: 194433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2 | 142.250.74.163 | 200 OK | 20 kB |
URL: fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2 (GET over HTTP/2)
IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 19720, version 1.0
MD5: 08476bf46dff0e875683be6002075581
SHA-1: a289f83a7bc00cd332175ffa4ad96034acfd3116
SHA-256: 75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
GET /s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:09:38 GMT
expires: Fri, 02 May 2025 02:09:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
content-type: font/woff2
age: 194816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 | 142.250.74.163 | 200 OK | 20 kB |
URL: fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 (GET over HTTP/2)
IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint (SHA-1): 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20028, version 1.0
MD5: 2bfde17b9a1384ce64af78db1b87a82f
SHA-1: 8effd23e482511e249c3f8e91cdc503729b93598
SHA-256: 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 18:28:12 GMT
expires: Fri, 02 May 2025 18:28:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
age: 136102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 | 142.250.74.163 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2  IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.gstatic.com  Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD  Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 19780, version 1.0  MD5: 03717344e4dbb2de44988b281bb7430b  SHA-1: 0cd3f7724bd0a5bf2460e1a85e35ccfbd5e85c05  SHA-256: 499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
GET /s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:00:08 GMT
expires: Sat, 03 May 2025 02:00:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
content-type: font/woff2
age: 108986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 | 142.250.74.163 | 200 OK | 30 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2  IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.gstatic.com  Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD  Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 29752, version 1.0  MD5: ab1fc8621287e4ea9319a3136812cf80  SHA-1: fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3  SHA-256: 7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 20:42:46 GMT
expires: Fri, 02 May 2025 20:42:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
age: 128028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 216.58.211.14 | 200 OK | 31 kB |
URL: GET HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit  IP: 216.58.211.14:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.google.com  Fingerprint: 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0  Validity: Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: gzip compressed data, max compression  MD5: d27ba889061f657a25028863feaefe2f  SHA-1: 14f51fc805f14eb52f6776c21239de2244873ca1  SHA-256: 7201a52e73c5a6d780a09be7eafef5bde59554c1ef6f111526155078462c7715
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:16:33 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats  IP: 52.29.105.35:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Amazon  Subject: proftrafficcounter.com  Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6  Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators  MD5: 6919c5301e4b00fb221c4a60cc695ab9  SHA-1: bead569046249dd24fc1d213e3211c6640094b9f  SHA-256: fbee9cdd1c51c7cadd08b55043770675a7575547f045b2f91f54410455c0ca65
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:16:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://baan-seriestv.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=fb06a73a-713e-47ac-a028-2d1bddef9ac4:3:1; expires=Tue, 02 May 2034 08:16:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats  IP: 52.29.105.35:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Amazon  Subject: proftrafficcounter.com  Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6  Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators  MD5: 051ffcc96e47ba8e6fa4fbf54c6a7705  SHA-1: 10ee478610e5f927672f17e1f1e8e02353706e01  SHA-256: c8dbf58030187dc6ff155d604f5ad8407bf2267a9f1e54437207d085e4f05276
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:16:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://baan-seriestv.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=9268d651-cc49-4250-8111-b1cf8550661f:3:1; expires=Tue, 02 May 2034 08:16:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats  IP: 52.29.105.35:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Amazon  Subject: proftrafficcounter.com  Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6  Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators  MD5: 5dad01944b968236a4eac8816700ce5a  SHA-1: 33ade31360d87ec44762f022b58e378697231a47  SHA-256: c844f0217573898b54ce2dabfc8b1a4814b93bd40c77ac68429f0097670caed3
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 08:16:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://baan-seriestv.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Tue, 02 May 2034 08:16:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| baskdisk.com/pixel/purst?dl=0&th=0&sc=0&rs=1839&rd=1839&fd=902&bv=24.5.6485&tmpl=70 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 baskdisk.com/pixel/purst?dl=0&th=0&sc=0&rs=1839&rd=1839&fd=902&bv=24.5.6485&tmpl=70  IP: 172.240.108.76:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Let's Encrypt  Subject: baskdisk.com  Fingerprint: 38:F5:31:F3:64:B5:5C:ED:CA:6C:5E:FB:F7:04:F9:CE:A5:3C:74:BC  Validity: Mon, 29 Apr 2024 12:48:34 GMT - Sun, 28 Jul 2024 12:48:33 GMT
File type: (empty response body, Content-Length: 0)  MD5: d41d8cd98f00b204e9800998ecf8427e  SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the well-known digests of zero-length input)
Analyzer  | Verdict   | Alert
Quad9 DNS | malicious | Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1839&rd=1839&fd=902&bv=24.5.6485&tmpl=70 HTTP/1.1
Host: baskdisk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vooALWqfjEzOfqjMiSJRjH6auoINaWCu_yqXwj7wieR29cT3Gb3z37DfrX3PKYtrTv3cXwTnPB_pWEMihszq9hbnAfXq4TkoU0IjfFHMsgBjZf5Sspx2U01wgjytg2vfXyflcdr5Rce3nE5_b4WdqcNAdBWF4mqmOsnQsMkRXXuJDnG49p2OEPxbq4MqO1zATAChlPkUsoD3doqDtXR2Ei_SWM1gEVtN5yuJqjTVb6TUAs50Ua8ov9rufZLMieOs41p_EXxpQlvGJLyCQ0VjgJGIJYRvoSKGZKeSXvaftW_hgyeaxZbDZOmkMaLpJ8iIaAU_E11Qr5GkU6--r4to-RxsaeB2Foxkdz64ZUdnmEGiDBQ9fKfWvPDlX8UifhP0NWgKhzcC6X8Mm9Fz6_cEr8UOcDRCcjJYp2_lj6_V5nD5gyWPuvsz_9pNi_ONSyqtfjb4xqjLvI5crd1V6N1O3FOIaE7vrcCiWa1WYlgkCADXKDdONASlDSD_KZwl5vfMTIaAUFmxpBayyv6GdU6vBPx0TwSgrCj38DexrEv0L12R5_8RR7IfywOyn_wH7v36Y8xnOS5Q=w385-h184-p-k-no-nu | 142.250.74.97 | 404 Not Found | 2.2 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vooALWqfjEzOfqjMiSJRjH6auoINaWCu_yqXwj7wieR29cT3Gb3z37DfrX3PKYtrTv3cXwTnPB_pWEMihszq9hbnAfXq4TkoU0IjfFHMsgBjZf5Sspx2U01wgjytg2vfXyflcdr5Rce3nE5_b4WdqcNAdBWF4mqmOsnQsMkRXXuJDnG49p2OEPxbq4MqO1zATAChlPkUsoD3doqDtXR2Ei_SWM1gEVtN5yuJqjTVb6TUAs50Ua8ov9rufZLMieOs41p_EXxpQlvGJLyCQ0VjgJGIJYRvoSKGZKeSXvaftW_hgyeaxZbDZOmkMaLpJ8iIaAU_E11Qr5GkU6--r4to-RxsaeB2Foxkdz64ZUdnmEGiDBQ9fKfWvPDlX8UifhP0NWgKhzcC6X8Mm9Fz6_cEr8UOcDRCcjJYp2_lj6_V5nD5gyWPuvsz_9pNi_ONSyqtfjb4xqjLvI5crd1V6N1O3FOIaE7vrcCiWa1WYlgkCADXKDdONASlDSD_KZwl5vfMTIaAUFmxpBayyv6GdU6vBPx0TwSgrCj38DexrEv0L12R5_8RR7IfywOyn_wH7v36Y8xnOS5Q=w385-h184-p-k-no-nu  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.googleusercontent.com  Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56  Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)  MD5: 57953c625cfefcb6c4ba7eb90b9341dc  SHA-1: 6d65db00b927df50a5fc38612d4b6d2d9f84ce54  SHA-256: bb7f2cd6637aa735d878658852b003f3976ccd1653a8ff4654343039b2524d4b
GET /blogger_img_proxy/AEn0k_vooALWqfjEzOfqjMiSJRjH6auoINaWCu_yqXwj7wieR29cT3Gb3z37DfrX3PKYtrTv3cXwTnPB_pWEMihszq9hbnAfXq4TkoU0IjfFHMsgBjZf5Sspx2U01wgjytg2vfXyflcdr5Rce3nE5_b4WdqcNAdBWF4mqmOsnQsMkRXXuJDnG49p2OEPxbq4MqO1zATAChlPkUsoD3doqDtXR2Ei_SWM1gEVtN5yuJqjTVb6TUAs50Ua8ov9rufZLMieOs41p_EXxpQlvGJLyCQ0VjgJGIJYRvoSKGZKeSXvaftW_hgyeaxZbDZOmkMaLpJ8iIaAU_E11Qr5GkU6--r4to-RxsaeB2Foxkdz64ZUdnmEGiDBQ9fKfWvPDlX8UifhP0NWgKhzcC6X8Mm9Fz6_cEr8UOcDRCcjJYp2_lj6_V5nD5gyWPuvsz_9pNi_ONSyqtfjb4xqjLvI5crd1V6N1O3FOIaE7vrcCiWa1WYlgkCADXKDdONASlDSD_KZwl5vfMTIaAUFmxpBayyv6GdU6vBPx0TwSgrCj38DexrEv0L12R5_8RR7IfywOyn_wH7v36Y8xnOS5Q=w385-h184-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:34 GMT
server: fife
content-length: 2189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_skI0RovsH09rvXBVO8C6XFiXBonxaURRHJXXAlk0RVUAe8oQMkavq2NkIimSl6m0z_XBWa-oTaNmrdUk-u5jwhcr9fJJgT5EklZefR1lGaV7bbz0LFzBkSaXf4sDcX8iRI1dRcJTMlsz6VM3XdTnHPzv0vi5QuwPUgEqyqA16BJhu9WWCAjspDeaKDBOoAmq8oWMOIMyMo7GoBX1mLEsx71KxR9vWDZZnHMdWBjoakbg=w385-h184-p-k-no-nu | 142.250.74.97 | 404 Not Found | 1.8 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_skI0RovsH09rvXBVO8C6XFiXBonxaURRHJXXAlk0RVUAe8oQMkavq2NkIimSl6m0z_XBWa-oTaNmrdUk-u5jwhcr9fJJgT5EklZefR1lGaV7bbz0LFzBkSaXf4sDcX8iRI1dRcJTMlsz6VM3XdTnHPzv0vi5QuwPUgEqyqA16BJhu9WWCAjspDeaKDBOoAmq8oWMOIMyMo7GoBX1mLEsx71KxR9vWDZZnHMdWBjoakbg=w385-h184-p-k-no-nu  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.googleusercontent.com  Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56  Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)  MD5: 2c4d349aec275a016a5011f6921da6fb  SHA-1: 66880abc759c1ebb7e9cb7f4dc5226ed5c741c86  SHA-256: 0a468e23f445a507882abfce2ebac9035b1a528d858ab9574f59aa62fbccba25
GET /blogger_img_proxy/AEn0k_skI0RovsH09rvXBVO8C6XFiXBonxaURRHJXXAlk0RVUAe8oQMkavq2NkIimSl6m0z_XBWa-oTaNmrdUk-u5jwhcr9fJJgT5EklZefR1lGaV7bbz0LFzBkSaXf4sDcX8iRI1dRcJTMlsz6VM3XdTnHPzv0vi5QuwPUgEqyqA16BJhu9WWCAjspDeaKDBOoAmq8oWMOIMyMo7GoBX1mLEsx71KxR9vWDZZnHMdWBjoakbg=w385-h184-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:34 GMT
server: fife
content-length: 1841
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.profitablecreativeformat.com/79bfa3a3a5a99fe8abf7ce5d5dc649ff/invoke.js | 192.243.59.12 | 200 OK | 12 kB |
URL: GET HTTP/1.1 www.profitablecreativeformat.com/79bfa3a3a5a99fe8abf7ce5d5dc649ff/invoke.js  IP: 192.243.59.12:443  ASN: AS39572 (DataWeb Global Group B.V.)
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Let's Encrypt  Subject: profitablecreativeformat.com  Fingerprint: C7:01:5B:D2:B5:18:6C:2C:79:0C:AF:02:2F:DF:55:0F:A7:52:9A:F5  Validity: Wed, 27 Mar 2024 07:43:52 GMT - Tue, 25 Jun 2024 07:43:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31247), with no line terminators  MD5: 606834a4e377356455b179efbed2d879  SHA-1: 4e36d1da256bfa36c5f4220076a1a624c2dba645  SHA-256: 813c2fb831f185dec9f36aa8749278d8a32031f6d997b3603a2272888433beab
GET /79bfa3a3a5a99fe8abf7ce5d5dc649ff/invoke.js HTTP/1.1
Host: www.profitablecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dfc147dd9612efba257a11ccdfd09993
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| bossdescendentrefer.com/ntv.json?key=6f04a9e1b188278c7175c138eae2548c&vstc=4 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 bossdescendentrefer.com/ntv.json?key=6f04a9e1b188278c7175c138eae2548c&vstc=4  IP: 192.243.59.12:443  ASN: AS39572 (DataWeb Global Group B.V.; same IP and ASN as www.profitablecreativeformat.com above)
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Let's Encrypt  Subject: bossdescendentrefer.com  Fingerprint: F2:EC:AB:00:C5:F5:A2:75:23:C7:72:0F:46:02:0C:44:3C:6B:B6:AD  Validity: Mon, 29 Apr 2024 08:38:40 GMT - Sun, 28 Jul 2024 08:38:39 GMT
File type: (empty response body, Content-Length: 0)  MD5: d41d8cd98f00b204e9800998ecf8427e  SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709  SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the well-known digests of zero-length input)
Analyzer  | Verdict   | Alert
Quad9 DNS | malicious | Sinkholed
GET /ntv.json?key=6f04a9e1b188278c7175c138eae2548c&vstc=4 HTTP/1.1
Host: bossdescendentrefer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19504838; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6fed424162722a17bef308f19a1dc29f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
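The two Quad9-sinkholed entries above (baskdisk.com and bossdescendentrefer.com) and the three proftrafficcounter.com hits carry the indicators a triage of this capture would flag: a "Sinkholed" verdict, a cross-site Set-Cookie with SameSite=None (one with a ten-year expiry), Access-Control-Allow-Origin echoing the page origin next to Access-Control-Allow-Credentials: true, and Strict-Transport-Security: max-age=0. The Python below is an added example, not part of the tool that produced this capture: it parses an excerpt in this page's layout and reports those indicators per host. The embedded excerpt is constructed from header values shown above; the set of checks, the finding wording and the function names are this example's own choices.

```python
"""Triage a browser capture log in this page's layout for third-party risk
indicators. Added example; not part of the tool that produced the capture."""
import re
from dataclasses import dataclass, field

# Constructed excerpt in the page's layout; the header values are as captured above.
SAMPLE_CAPTURE = """\
| proftrafficcounter.com/stats | 52.29.105.35 | 200 OK | 40 B |
GET /stats HTTP/1.1
Origin: https://baan-seriestv.blogspot.com
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://baan-seriestv.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=fb06a73a-713e-47ac-a028-2d1bddef9ac4:3:1; expires=Tue, 02 May 2034 08:16:34 GMT; secure; SameSite=None
|
| bossdescendentrefer.com/ntv.json?key=6f04a9e1b188278c7175c138eae2548c&vstc=4 | 192.243.59.12 | 200 OK | 0 B |
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ntv.json?key=6f04a9e1b188278c7175c138eae2548c&vstc=4 HTTP/1.1
Origin: https://baan-seriestv.blogspot.com
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19504838; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=0; includeSubdomains
|
"""
REQ_RE = re.compile(r"^(GET|POST|HEAD|OPTIONS|PUT|DELETE|PATCH) /\S* HTTP/\d")
RESP_RE = re.compile(r"^HTTP/\S+ \d{3}")


@dataclass
class Entry:
    url: str
    ip: str
    status: str
    request: dict = field(default_factory=dict)   # lowercased header name -> [values]
    response: dict = field(default_factory=dict)
    verdicts: list = field(default_factory=list)  # (analyzer, verdict, alert) tuples


def parse_capture(text):
    """'| url | ip | status | size |' opens an entry; 'METHOD /path HTTP/x' and
    'HTTP/x nnn' switch to request/response headers; an Analyzer row adds verdicts."""
    entries, cur, headers = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("| ") and line.endswith(" |"):
            cells = line[2:-2].split(" | ")
            if len(cells) == 4 and cells[2][:3].isdigit():
                cur, headers = Entry(*cells[:3]), None
                entries.append(cur)
                continue
        if cur is None:
            continue
        if line.startswith("Analyzer | Verdict | Alert |"):
            cells = [c.strip() for c in line.rstrip("| ").split("|")]
            cur.verdicts += [tuple(cells[i:i + 3]) for i in range(3, len(cells), 3)]
        elif REQ_RE.match(line):
            headers = cur.request
        elif RESP_RE.match(line):
            headers = cur.response
        elif headers is not None and ": " in line:
            name, value = line.split(": ", 1)
            headers.setdefault(name.lower(), []).append(value.strip())
    return entries


def cookie_attrs(set_cookie):
    """Split a Set-Cookie value into (cookie name, {attribute_lower: value})."""
    parts = [p.strip() for p in set_cookie.split(";")]
    attrs = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.lower()] = value
    return parts[0].split("=", 1)[0], attrs


def triage(entry):
    """Return the risk indicators seen in one entry, as readable strings."""
    def first(hdrs, name):
        return hdrs.get(name, [""])[0]
    host = entry.url.split("/", 1)[0]
    req, resp = entry.request, entry.response
    cross_site = first(req, "sec-fetch-site") == "cross-site"
    findings = [f"{host}: {a} verdict '{v}' ({alert})" for a, v, alert in entry.verdicts]
    for set_cookie in resp.get("set-cookie", []):            # third-party tracking cookies
        name, attrs = cookie_attrs(set_cookie)
        if cross_site and attrs.get("samesite", "").lower() == "none":
            findings.append(f"{host}: third-party cookie '{name}' with SameSite=None, "
                            f"expires {attrs.get('expires', '(session)')}")
    acao = first(resp, "access-control-allow-origin")          # credentialed CORS to this page
    if acao and acao == first(req, "origin") and first(resp, "access-control-allow-credentials").lower() == "true":
        findings.append(f"{host}: credentialed CORS, Allow-Origin echoes {acao}")
    hsts = re.search(r"max-age=(\d+)", first(resp, "strict-transport-security"))
    if hsts and hsts.group(1) == "0":                           # clears any cached HSTS policy
        findings.append(f"{host}: Strict-Transport-Security max-age=0 clears HSTS for the host")
    if cross_site and first(req, "sec-fetch-dest") == "script" \
            and "nosniff" not in first(resp, "x-content-type-options").lower():
        findings.append(f"{host}: cross-site script served without X-Content-Type-Options: nosniff")
    return findings


if __name__ == "__main__":
    for entry in parse_capture(SAMPLE_CAPTURE):
        print(*triage(entry), sep="\n")
```

Running it on the full capture is a matter of passing the page text to parse_capture instead of the excerpt; the parser ignores the fused metadata lines and the "|" separators and only reads the request and response header blocks, so the header-name case difference between the HTTP/1.1 and HTTP/2 responses above does not matter. The nosniff check fires on entries like the invoke.js scripts, which the excerpt does not include.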
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tF9ova4Th6EhONOsMcYgueQvk2gFRXZrwHUpJsXaSYsDvmRyHghNd7r_MymETdg1BssskrsoSAtpdxXP0KbHE95xW30COc_DJQNJFjqWlDpDGkuzJo_EoNHRhz1C3dj-Q6VOhNH7Bsl7zoyImF=w385-h184-p-k-no-nu | 142.250.74.97 | 404 Not Found | 1.8 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tF9ova4Th6EhONOsMcYgueQvk2gFRXZrwHUpJsXaSYsDvmRyHghNd7r_MymETdg1BssskrsoSAtpdxXP0KbHE95xW30COc_DJQNJFjqWlDpDGkuzJo_EoNHRhz1C3dj-Q6VOhNH7Bsl7zoyImF=w385-h184-p-k-no-nu  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.googleusercontent.com  Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56  Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)  MD5: 58ff2da793cf09b331806456c00aac9b  SHA-1: b974a15e45e29508afe28446c1f2c74c678c9ba2  SHA-256: 6af277010c3246101c26f194f228fd9d99ea2582a0397e1ecf40c86d976eee11
GET /blogger_img_proxy/AEn0k_tF9ova4Th6EhONOsMcYgueQvk2gFRXZrwHUpJsXaSYsDvmRyHghNd7r_MymETdg1BssskrsoSAtpdxXP0KbHE95xW30COc_DJQNJFjqWlDpDGkuzJo_EoNHRhz1C3dj-Q6VOhNH7Bsl7zoyImF=w385-h184-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 1751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ssnLPCou6NSnAMSB-BxkEm52qFxO0c8u-qiy7WpyTeTtr5RSiDHWj1yay1VPP80dzAwnORdK-uC8TTShl2TiY8IEvY-_a4qsHl6zfKRSOH1IhZULmw_edfvNjKw3f_c6bLh8GwonoK7V7rRh3cX1v8AzFqBMKZwuOb3DyF046Cx4_Lu1Jwh9r-KOk-Cbbj4mfJFw=w385-h184-p-k-no-nu | 142.250.74.97 | 404 Not Found | 1.8 kB |
URL: GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ssnLPCou6NSnAMSB-BxkEm52qFxO0c8u-qiy7WpyTeTtr5RSiDHWj1yay1VPP80dzAwnORdK-uC8TTShl2TiY8IEvY-_a4qsHl6zfKRSOH1IhZULmw_edfvNjKw3f_c6bLh8GwonoK7V7rRh3cX1v8AzFqBMKZwuOb3DyF046Cx4_Lu1Jwh9r-KOk-Cbbj4mfJFw=w385-h184-p-k-no-nu  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.googleusercontent.com  Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56  Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1136)  MD5: a62951df1b2aa6a3c3c664c9888496db  SHA-1: 901b518e37eebad5fad884dfcdb48143e3c9457a  SHA-256: 35c0018dad657bfb33c044fbba5fdd7f4d556e0220dcef96bfbe26fabf608c78
GET /blogger_img_proxy/AEn0k_ssnLPCou6NSnAMSB-BxkEm52qFxO0c8u-qiy7WpyTeTtr5RSiDHWj1yay1VPP80dzAwnORdK-uC8TTShl2TiY8IEvY-_a4qsHl6zfKRSOH1IhZULmw_edfvNjKw3f_c6bLh8GwonoK7V7rRh3cX1v8AzFqBMKZwuOb3DyF046Cx4_Lu1Jwh9r-KOk-Cbbj4mfJFw=w385-h184-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 1801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEf5BXNKE6ZE5DJ3PzKx6GMlFeJNIgYI6mxF9TP9OrhqtxXWQvP7Oy1yvB-Nrkcg0ChMWaPo8s51yC9jq3OiGi8QC3RJK53aJfN0PS4wVfr_xzl_vA5VQp1z8yvJfdWlqnT6srtBgs4ozdG0STnuE5nXhknxwB43pkW2oAx7xXovIYkzdl1HB-NZiGjJTX/w385-h184-p-k-no-nu/KOREA.jpg | 142.250.74.97 | 200 OK | 38 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEf5BXNKE6ZE5DJ3PzKx6GMlFeJNIgYI6mxF9TP9OrhqtxXWQvP7Oy1yvB-Nrkcg0ChMWaPo8s51yC9jq3OiGi8QC3RJK53aJfN0PS4wVfr_xzl_vA5VQp1z8yvJfdWlqnT6srtBgs4ozdG0STnuE5nXhknxwB43pkW2oAx7xXovIYkzdl1HB-NZiGjJTX/w385-h184-p-k-no-nu/KOREA.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.googleusercontent.com  Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56  Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  MD5: 5ff4f9f7af651674b8b18eb7772d5640  SHA-1: 9f86fe60e94e08bc68151b3802a478a7fe922b06  SHA-256: 61340115d37d53960c60c5a648a561bbf99c32183ee4440642ec6b3b007e960e
GET /img/b/R29vZ2xl/AVvXsEjEf5BXNKE6ZE5DJ3PzKx6GMlFeJNIgYI6mxF9TP9OrhqtxXWQvP7Oy1yvB-Nrkcg0ChMWaPo8s51yC9jq3OiGi8QC3RJK53aJfN0PS4wVfr_xzl_vA5VQp1z8yvJfdWlqnT6srtBgs4ozdG0STnuE5nXhknxwB43pkW2oAx7xXovIYkzdl1HB-NZiGjJTX/w385-h184-p-k-no-nu/KOREA.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v24f"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="KOREA.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 38488
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhff9rO13_W0NHSoIYc5s1FwSgoyW6e240HTi5XeebH1v-WJncXWrl1VLdV504akf2Ahs8I5wypH0HhNTJbIL7gUPg_Uk-BbtpIkZ-SfCpk_F4QSHgfojLEaEAx1V98UHLi90vrcu2SDJlKbrckB-rIqq96QeXOOIgM8b1Y3J6H4y364R1i8c9IQ9h0b6Kw/w385-h184-p-k-no-nu/gTu2bS9Hn2AF6Ct3SBT44HkWXjD.jpg | 142.250.74.97 | 200 OK | 33 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhff9rO13_W0NHSoIYc5s1FwSgoyW6e240HTi5XeebH1v-WJncXWrl1VLdV504akf2Ahs8I5wypH0HhNTJbIL7gUPg_Uk-BbtpIkZ-SfCpk_F4QSHgfojLEaEAx1V98UHLi90vrcu2SDJlKbrckB-rIqq96QeXOOIgM8b1Y3J6H4y364R1i8c9IQ9h0b6Kw/w385-h184-p-k-no-nu/gTu2bS9Hn2AF6Ct3SBT44HkWXjD.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Google Trust Services LLC  Subject: *.googleusercontent.com  Fingerprint: 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56  Validity: Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  MD5: e85a23d21532a222e9b84875b97bc145  SHA-1: 739a9057fa41659f7caebbd6fe8318d16a09e304  SHA-256: d4774fd6a6dabbe2c4c6bd7aed5d39c200cca1f4e3373d0b67145c59332460c2
GET /img/b/R29vZ2xl/AVvXsEhff9rO13_W0NHSoIYc5s1FwSgoyW6e240HTi5XeebH1v-WJncXWrl1VLdV504akf2Ahs8I5wypH0HhNTJbIL7gUPg_Uk-BbtpIkZ-SfCpk_F4QSHgfojLEaEAx1V98UHLi90vrcu2SDJlKbrckB-rIqq96QeXOOIgM8b1Y3J6H4y364R1i8c9IQ9h0b6Kw/w385-h184-p-k-no-nu/gTu2bS9Hn2AF6Ct3SBT44HkWXjD.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v24a"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gTu2bS9Hn2AF6Ct3SBT44HkWXjD.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 32669
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.profitablecreativeformat.com/7f309f58d35166f1f78151eeec3e5245/invoke.js | 192.243.59.12 | 200 OK | 12 kB |
URL: GET HTTP/1.1 www.profitablecreativeformat.com/7f309f58d35166f1f78151eeec3e5245/invoke.js  IP: 192.243.59.12:443  ASN: AS39572 (DataWeb Global Group B.V.)
Requested by: https://baan-seriestv.blogspot.com/  Certificate issuer: Let's Encrypt  Subject: profitablecreativeformat.com  Fingerprint: C7:01:5B:D2:B5:18:6C:2C:79:0C:AF:02:2F:DF:55:0F:A7:52:9A:F5  Validity: Wed, 27 Mar 2024 07:43:52 GMT - Tue, 25 Jun 2024 07:43:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31238), with no line terminators  MD5: 84f65cdac9089572ec787dc5de4c864a  SHA-1: f323aa7a443c6150ebb347e3e2d0283585fae8df  SHA-256: dc523944a8a3fe3e2aba5eac0477f87b095f0b22bfa76c110b30886be3df03f1
GET /7f309f58d35166f1f78151eeec3e5245/invoke.js HTTP/1.1
Host: www.profitablecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bfb30e487bc0ceabf9f7f8a8d9de2fd7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5boJfW-plRsBpjeztfdMTgoSPkIiSLLbRmbYp5il-ARl8vldW_wd4Lh77QlZJRA0TCw6i8hJynrFYZRr0kEl--jfJ0AlhsGcSrYcogrDcCkhseoyWrbp5JLmmzNLXe8wGdleXY5M8OYHBop5aWHSh22IKJaKu0WVvsfvNcumNn6bHu8HgTchNmpb-SGnF/w385-h184-p-k-no-nu/blood.jpg | 142.250.74.97 | 200 OK | 42 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5boJfW-plRsBpjeztfdMTgoSPkIiSLLbRmbYp5il-ARl8vldW_wd4Lh77QlZJRA0TCw6i8hJynrFYZRr0kEl--jfJ0AlhsGcSrYcogrDcCkhseoyWrbp5JLmmzNLXe8wGdleXY5M8OYHBop5aWHSh22IKJaKu0WVvsfvNcumNn6bHu8HgTchNmpb-SGnF/w385-h184-p-k-no-nu/blood.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.googleusercontent.com; fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  Hash (MD5 / SHA-1 / SHA-256): 1e7df81d4afb1711a159a58708d4aafa cd9fda884dbabb47ed42621137f4972cc66b94d3 8b1341782a2bbdd92e53149e599e55020e4430e83619f5bd798612d3ab2c9f45
GET /img/b/R29vZ2xl/AVvXsEh5boJfW-plRsBpjeztfdMTgoSPkIiSLLbRmbYp5il-ARl8vldW_wd4Lh77QlZJRA0TCw6i8hJynrFYZRr0kEl--jfJ0AlhsGcSrYcogrDcCkhseoyWrbp5JLmmzNLXe8wGdleXY5M8OYHBop5aWHSh22IKJaKu0WVvsfvNcumNn6bHu8HgTchNmpb-SGnF/w385-h184-p-k-no-nu/blood.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v255"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="blood.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 42065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0AFUcku8k_7vjqFhvt7vEONY9tALggxLW0qeLw_qV44gxW-qxpy9DSEoyEUq71qVT51TZ_ixaVSWtxmcjZ1qH9qaolIWiEdGssJLXt4QgGo_pOQH19cWO-WHSVnWZmd70QUXCdb4qoomx1iw1oqetMV91pxl3Qo0K6BrufdQEJLb3OPCbTctGh4tbSHr-/w385-h184-p-k-no-nu/aLMD9HC99jgML0sNC7abkG0pP3E.jpg | 142.250.74.97 | 200 OK | 9.4 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0AFUcku8k_7vjqFhvt7vEONY9tALggxLW0qeLw_qV44gxW-qxpy9DSEoyEUq71qVT51TZ_ixaVSWtxmcjZ1qH9qaolIWiEdGssJLXt4QgGo_pOQH19cWO-WHSVnWZmd70QUXCdb4qoomx1iw1oqetMV91pxl3Qo0K6BrufdQEJLb3OPCbTctGh4tbSHr-/w385-h184-p-k-no-nu/aLMD9HC99jgML0sNC7abkG0pP3E.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.googleusercontent.com; fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  Hash (MD5 / SHA-1 / SHA-256): 5bc29b616e1386343ab2384794d54b85 6bb3de298513d43803b26e7b77c6bd051053ead3 bb072b486bc90883fb032f6bcc96d65a058cf826bd34f760d44c840372dae7a6
GET /img/b/R29vZ2xl/AVvXsEg0AFUcku8k_7vjqFhvt7vEONY9tALggxLW0qeLw_qV44gxW-qxpy9DSEoyEUq71qVT51TZ_ixaVSWtxmcjZ1qH9qaolIWiEdGssJLXt4QgGo_pOQH19cWO-WHSVnWZmd70QUXCdb4qoomx1iw1oqetMV91pxl3Qo0K6BrufdQEJLb3OPCbTctGh4tbSHr-/w385-h184-p-k-no-nu/aLMD9HC99jgML0sNC7abkG0pP3E.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v248"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="aLMD9HC99jgML0sNC7abkG0pP3E.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 9361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghwpd5uYO4XKE4TJabPS1p8e88X1wSMoeVH8NmN8AHOWn7vuYvkRYnjRewVEQmDgBwI9JqX1vPRCll9sNc67uugRC2DO6bkfG7awWV919e2WbZBFylpZ_grXsXVkUNIQ9__4XmxRpy_DX1tzlAgUTt4BHengnh5nuI65rGIBY7QsAbHwAcnFLiY1ou4xgs/w385-h184-p-k-no-nu/SWEET%20GAMES.jpg | 142.250.74.97 | 200 OK | 8.7 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghwpd5uYO4XKE4TJabPS1p8e88X1wSMoeVH8NmN8AHOWn7vuYvkRYnjRewVEQmDgBwI9JqX1vPRCll9sNc67uugRC2DO6bkfG7awWV919e2WbZBFylpZ_grXsXVkUNIQ9__4XmxRpy_DX1tzlAgUTt4BHengnh5nuI65rGIBY7QsAbHwAcnFLiY1ou4xgs/w385-h184-p-k-no-nu/SWEET%20GAMES.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.googleusercontent.com; fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  Hash (MD5 / SHA-1 / SHA-256): fbafabe48da58e92fa64341ec7320e37 62c5fa440902c95cf776f228a9cd1a38662dfe52 72aca61f9008c188fe6998fa3ca3aed43fd17b4ca7ab3e2f044c599a360cc15b
GET /img/b/R29vZ2xl/AVvXsEghwpd5uYO4XKE4TJabPS1p8e88X1wSMoeVH8NmN8AHOWn7vuYvkRYnjRewVEQmDgBwI9JqX1vPRCll9sNc67uugRC2DO6bkfG7awWV919e2WbZBFylpZ_grXsXVkUNIQ9__4XmxRpy_DX1tzlAgUTt4BHengnh5nuI65rGIBY7QsAbHwAcnFLiY1ou4xgs/w385-h184-p-k-no-nu/SWEET%20GAMES.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v24d"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SWEET GAMES.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 8712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmQolygukQTlx4eA2tUAAE_vA8D42X3J-eh5qzowWdHvb3Bna-vmSwcOZQxWUPG4Cei4NytZoqreWa0ByYDgAWBv9phM_P9VIwTRg1CUk4mh4s3JSCoMH_pQXV95dBH2Krb9rEL0JoCAJh860d3Z5tjPgyg03mY9C0292pzeE1ysvgPH-SueY0QPwBNNl5/w385-h184-p-k-no-nu/twenty.jpg | 142.250.74.97 | 200 OK | 23 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmQolygukQTlx4eA2tUAAE_vA8D42X3J-eh5qzowWdHvb3Bna-vmSwcOZQxWUPG4Cei4NytZoqreWa0ByYDgAWBv9phM_P9VIwTRg1CUk4mh4s3JSCoMH_pQXV95dBH2Krb9rEL0JoCAJh860d3Z5tjPgyg03mY9C0292pzeE1ysvgPH-SueY0QPwBNNl5/w385-h184-p-k-no-nu/twenty.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.googleusercontent.com; fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  Hash (MD5 / SHA-1 / SHA-256): 4196af356885e4b3bce53d4192635665 49555b249dee7a7eed22550a6a4190759b881110 d11f030f765d18254ae70a8aee034c184d8a0ee62e451a5d340894f022df5127
GET /img/b/R29vZ2xl/AVvXsEhmQolygukQTlx4eA2tUAAE_vA8D42X3J-eh5qzowWdHvb3Bna-vmSwcOZQxWUPG4Cei4NytZoqreWa0ByYDgAWBv9phM_P9VIwTRg1CUk4mh4s3JSCoMH_pQXV95dBH2Krb9rEL0JoCAJh860d3Z5tjPgyg03mY9C0292pzeE1ysvgPH-SueY0QPwBNNl5/w385-h184-p-k-no-nu/twenty.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v253"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="twenty.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 22696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.profitablecreativeformat.com/026c4c7549076c46ea29e8df155ecef5/invoke.js | 192.243.59.12 | 200 OK | 12 kB |
URL: GET HTTP/1.1 www.profitablecreativeformat.com/026c4c7549076c46ea29e8df155ecef5/invoke.js  IP: 192.243.59.12:443  ASN: #39572 DataWeb Global Group B.V.
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Let's Encrypt; subject profitablecreativeformat.com; fingerprint C7:01:5B:D2:B5:18:6C:2C:79:0C:AF:02:2F:DF:55:0F:A7:52:9A:F5; validity Wed, 27 Mar 2024 07:43:52 GMT - Tue, 25 Jun 2024 07:43:51 GMT
File type: JavaScript source, ASCII text, with very long lines (31265), with no line terminators  Hash (MD5 / SHA-1 / SHA-256): fc88244171f67e087f92712ec11664f6 af36c7bf5bf47e2aaf45aea765e8a35b2dd3f13a 2759607877cb31caf27b833b445de6e2302cf0d36ca68c8440491e0fa974c087
GET /026c4c7549076c46ea29e8df155ecef5/invoke.js HTTP/1.1
Host: www.profitablecreativeformat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 912b519752720d1c1cc0f2659bd0c7ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyLMekwuJ334TMsabIh6gas5YQyHHsTU2JBVUlYVK9IUeVfDj8esOkHUNz5YSznPY8-VLMcnj4G_QJfmiCPBnsArYVPer5gZs0jZnAt-RybjFJYD2Xu9aJf3ohqzI4S1Yq0RUrXJUWb5f9GZfAMY1dhL5RKjGi3-o_knr_t_MgN14LdbXlWaECfp2WmsJf/w385-h184-p-k-no-nu/PENDING.jpg | 142.250.74.97 | 200 OK | 42 kB |
URL: GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyLMekwuJ334TMsabIh6gas5YQyHHsTU2JBVUlYVK9IUeVfDj8esOkHUNz5YSznPY8-VLMcnj4G_QJfmiCPBnsArYVPer5gZs0jZnAt-RybjFJYD2Xu9aJf3ohqzI4S1Yq0RUrXJUWb5f9GZfAMY1dhL5RKjGi3-o_knr_t_MgN14LdbXlWaECfp2WmsJf/w385-h184-p-k-no-nu/PENDING.jpg  IP: 142.250.74.97:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.googleusercontent.com; fingerprint 7B:64:D0:4F:29:87:0A:A8:90:15:F1:9F:B6:8F:FB:D6:AC:D2:76:56; validity Tue, 16 Apr 2024 04:13:47 GMT - Tue, 09 Jul 2024 04:13:46 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 385x184, components 3  Hash (MD5 / SHA-1 / SHA-256): b028dc14368c6cc61b88b8bebf4ad354 f717fe53c5fabd7698e102f3a4df36245b0cf906 4fb91b2c1ff19ad8a5532028aab8d58e539e7dd42929f79828ab80c17f726f7e
GET /img/b/R29vZ2xl/AVvXsEhyLMekwuJ334TMsabIh6gas5YQyHHsTU2JBVUlYVK9IUeVfDj8esOkHUNz5YSznPY8-VLMcnj4G_QJfmiCPBnsArYVPer5gZs0jZnAt-RybjFJYD2Xu9aJf3ohqzI4S1Yq0RUrXJUWb5f9GZfAMY1dhL5RKjGi3-o_knr_t_MgN14LdbXlWaECfp2WmsJf/w385-h184-p-k-no-nu/PENDING.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v251"
expires: Sun, 05 May 2024 08:16:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PENDING.jpg"
x-content-type-options: nosniff
date: Sat, 04 May 2024 08:16:35 GMT
server: fife
content-length: 42146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css | 142.250.74.99 | | 4.0 kB |
URL: GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css  IP: 142.250.74.99:0
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: ASCII text, with very long lines (20367), with no line terminators  Hash (MD5 / SHA-1 / SHA-256): 72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:35:45 GMT
expires: Sat, 03 May 2025 10:35:45 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 78050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs | 142.250.74.46 | 200 OK | 61 kB |
URL: GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs  IP: 142.250.74.46:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.google.com; fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (2124)  Hash (MD5 / SHA-1 / SHA-256): 575e42a695a782c950bd57d1cd413c7e 8549b65a7e35bd251ac277315a063c07ea288a2e c3f62bbfcc26082d78406d7f36866969da709db71ef269081374aee5a5b2cf21
GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61025
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:48:35 GMT
expires: Fri, 02 May 2025 01:48:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 196080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.vlWcFy1Qa4I.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq6l3AG_8lO_Z07zI9zgoV_hHwsug/m=el_main | 142.250.74.138 | 200 OK | 73 kB |
URL: GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.vlWcFy1Qa4I.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq6l3AG_8lO_Z07zI9zgoV_hHwsug/m=el_main  IP: 142.250.74.138:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject upload.video.google.com; fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (2297)  Hash (MD5 / SHA-1 / SHA-256): 605f56f43acc68919c70135617d4d7f5 b8378f17248b2beb8ad28dc47d89d570917752eb a91e9b2563b0fcf3155dd2afb6a8f88dcee2fb654ce55cc1cb0436e1fe024bac
GET /_/translate_http/_/js/k=translate_http.tr.no.vlWcFy1Qa4I.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq6l3AG_8lO_Z07zI9zgoV_hHwsug/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 17:11:49 GMT
expires: Fri, 02 May 2025 17:11:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 May 2024 19:12:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 140686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.blogger.com/img/blogger_logo_round_35.png | 216.58.207.233 | 200 OK | 2.5 kB |
URL: GET HTTP/3 www.blogger.com/img/blogger_logo_round_35.png  IP: 216.58.207.233:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.blogger.com; fingerprint C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64; validity Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced  Hash (MD5 / SHA-1 / SHA-256): 838622483cbfed35380b4705f19d7cca 7de684136affc969a24d61927afc18905cf2fc36 183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:02:00 GMT
expires: Thu, 09 May 2024 02:02:00 GMT
cache-control: public, max-age=604800
last-modified: Tue, 30 Apr 2024 23:56:35 GMT
content-type: image/png
age: 195275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| donateentrailskindly.com/sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_1&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 donateentrailskindly.com/sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_1&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1  IP: 192.243.61.225:443  ASN: #39572 DataWeb Global Group B.V.
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Let's Encrypt; subject donateentrailskindly.com; fingerprint 03:3A:5A:3D:D8:11:7C:BD:5B:E6:2A:C6:C1:25:D3:D1:07:37:3B:3A; validity Mon, 29 Apr 2024 12:49:22 GMT - Sun, 28 Jul 2024 12:49:21 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty body, matching Content-Length: 0 below)
Analyzer: Quad9 DNS  Verdict: malicious  Alert: Sinkholed
GET /sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_1&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: donateentrailskindly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19328286; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 921e6dfaabcc54edf9073d48c13dcfde
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
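The exchange above is the one a practitioner would want to check mechanically: a cross-site CORS call whose response echoes the caller's Origin with credentials enabled, clears HSTS with max-age=0, drops two SameSite=None cookies, and asks for high-entropy client hints. The block below is an added example, not code from the capture tool or from any of the sites involved. It re-types the request and response heads from the entry (Accept-CH list shortened, body empty, all names unchanged) and reports each of those properties; `audit`, `parse_message` and `HIGH_ENTROPY_HINTS` are this example's own names.

```python
"""Audit one captured HTTP exchange for cross-site tracking signals.

Added example, not part of the original capture. The request and response
below are re-typed from the donateentrailskindly.com entry (header list
shortened, body empty) so the check runs offline on a string.
"""
import re
from typing import Dict, List, Tuple

# Hints the Client Hints spec treats as high entropy; browsers gate them
# behind Accept-CH precisely because they enable fingerprinting.
HIGH_ENTROPY_HINTS = {
    "sec-ch-ua-arch", "sec-ch-ua-bitness", "sec-ch-ua-full-version",
    "sec-ch-ua-full-version-list", "sec-ch-ua-model", "sec-ch-ua-platform-version",
}

SAMPLE_REQUEST = """GET /sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_1 HTTP/1.1
Host: donateentrailskindly.com
Origin: https://baan-seriestv.blogspot.com
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
"""

SAMPLE_RESPONSE = """HTTP/1.1 200 OK
Server: nginx/1.21.6
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19328286; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:35 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=0; includeSubdomains
"""


def parse_message(raw: str) -> Tuple[str, List[Tuple[str, str]]]:
    """Split a raw HTTP head into its start line and ordered (name, value)
    pairs. Names are lower-cased; repeated headers such as Set-Cookie are
    all kept, which a plain dict would silently lose."""
    lines = raw.strip().splitlines()
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def audit(request_raw: str, response_raw: str) -> List[str]:
    """Return one finding per notable property; an empty list is clean."""
    _, req = parse_message(request_raw)
    _, resp = parse_message(response_raw)
    req_d: Dict[str, str] = dict(req)
    resp_d: Dict[str, str] = dict(resp)
    findings: List[str] = []

    # CORS: the caller's Origin comes back verbatim together with
    # Allow-Credentials: true. One capture cannot prove the server reflects
    # *any* origin (that needs a second probe with a different Origin), but
    # it does show cookies are shared with this caller.
    acao = resp_d.get("access-control-allow-origin")
    creds = resp_d.get("access-control-allow-credentials", "").lower() == "true"
    if acao and acao == req_d.get("origin") and creds:
        findings.append(f"CORS: Origin {acao} echoed with Allow-Credentials: true")

    # HSTS with max-age=0 is not "HSTS enabled"; it tells the browser to
    # delete any policy it stored for this host.
    hsts = resp_d.get("strict-transport-security", "")
    m = re.search(r"max-age\s*=\s*(\d+)", hsts)
    if m and int(m.group(1)) == 0:
        findings.append("HSTS: max-age=0 clears any stored HSTS policy")

    # Cookies: SameSite=None is what a third party needs to be sent on
    # cross-site requests; it must also carry Secure or browsers drop it.
    for name, value in resp:
        if name != "set-cookie":
            continue
        cookie = value.split("=", 1)[0]
        attrs = [a.strip().lower() for a in value.split(";")[1:]]
        if "samesite=none" in attrs:
            findings.append(f"Cookie {cookie}: SameSite=None (sent cross-site)")
        if "secure" not in attrs:
            findings.append(f"Cookie {cookie}: missing Secure")

    # Accept-CH asking for high-entropy hints (device model, full version
    # list) is a fingerprinting signal whether or not the browser complies.
    hints = {h.strip().lower() for h in resp_d.get("accept-ch", "").split(",") if h.strip()}
    high = sorted(hints & HIGH_ENTROPY_HINTS)
    if high:
        findings.append("High-entropy client hints requested: " + ", ".join(high))

    # P3P compact policies only ever mattered to old Internet Explorer,
    # where they unlocked third-party cookies; today they are a tell.
    if "p3p" in resp_d:
        findings.append("P3P compact policy present (legacy third-party cookie opt-in)")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_REQUEST, SAMPLE_RESPONSE):
        print("-", finding)
```

Two caveats when reading the output. A single capture cannot prove that the server reflects arbitrary origins; that takes a second request with a different Origin and a look at whether Access-Control-Allow-Origin follows it. And the requesting browser here is Firefox, which does not implement UA client hints, so the Accept-CH list documents intent rather than data actually collected from this visit.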
| pagead2.googlesyndication.com/pagead/js/google_top_exp.js | 142.250.74.34 | 200 OK | 42 B |
URL: GET HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js  IP: 142.250.74.34:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.g.doubleclick.net; fingerprint 09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B; validity Tue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT
Hash (MD5 / SHA-1 / SHA-256): 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Fri, 03 May 2024 13:38:12 GMT
expires: Fri, 17 May 2024 13:38:12 GMT
cache-control: public, max-age=1209600
age: 67103
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 142.250.74.163 | 200 OK | 3.3 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg  IP: 142.250.74.163:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: SVG Scalable Vector Graphics image  Hash (MD5 / SHA-1 / SHA-256): 2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:45:27 GMT
expires: Fri, 02 May 2025 23:45:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 117068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png | 142.250.74.99 | 200 OK | 910 B |
URL: GET HTTP/3 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png  IP: 142.250.74.99:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Google Trust Services LLC; subject *.gstatic.com; fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced  Hash (MD5 / SHA-1 / SHA-256): efa6bb2bfe459bc6f4bdafa3db0383f6 52d15ce52fe50643e542c17812de43f4ed1b6ee0 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 20:49:02 GMT
expires: Fri, 02 May 2025 20:49:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
age: 127653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| burialsupple.com/watch.1127520738419.js?key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.108.76 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 burialsupple.com/watch.1127520738419.js?key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1  IP: 172.240.108.76:443
Requested by: https://baan-seriestv.blogspot.com/  Certificate: issuer Let's Encrypt; subject burialsupple.com; fingerprint 11:A8:82:0B:E5:A2:FE:92:CB:27:6A:45:0E:1E:E7:84:5D:B8:A6:52; validity Mon, 29 Apr 2024 08:14:08 GMT - Sun, 28 Jul 2024 08:14:07 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty body, matching Content-Length: 0 on the 307 below)
Analyzer: Quad9 DNS  Verdict: malicious  Alert: Sinkholed
GET /watch.1127520738419.js?key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: burialsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://burialsupple.com/watch.1127520738419.js?dev=e&key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=14ddfe2fe57af9a369e888aff5692e2447b7aec5c96bb7b6666bd2b81b446b22301c8237197c5d9d564e1a9c4ce63cd16afa6e7cf45bb215849aa0332ab197fdf1c5637914eb21c747f6b66e9dbe23adcf7bf4f6e38f226a2f14086fe2b4&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
Set-Cookie: u_pl=19269501; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.G6VJuhg_EKXddxFh61RkcgJ-w1zKGkH032LSU4kpBTA; expires=Sat, 04 May 2024 08:17:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91a43ff03c0ce6edd0000cd273a6f63d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.99 | 200 OK | 1.8 kB |
URL: GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP: 142.250.74.99:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): c69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=AAM/d=0/rs=AN8SPfo47ZI4Pt9KwV-0738jND9vOwmjgQ/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 13:31:20 GMT
expires: Sat, 03 May 2025 13:31:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 67515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| blesshunt.com/watch.693701560012.js?key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.108.68 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 blesshunt.com/watch.693701560012.js?key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
IP: 172.240.108.68:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject blesshunt.com; Fingerprint 38:54:D2:52:04:4A:D1:5A:AF:61:74:52:84:6E:7D:AD:01:13:C9:FE; Validity Mon, 29 Apr 2024 08:18:39 GMT - Sun, 28 Jul 2024 08:18:38 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /watch.693701560012.js?key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: blesshunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://blesshunt.com/watch.693701560012.js?dev=e&key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=498e37c682bd57a8ceb9a6dbaa7a948eb2dab2e80cc2681441bcce6b6604c7db71aaa2230f5adbd63aea0f7fb0a2f8934afd133ec940bb5519e87b59becbed311024866c41121752cee4a87629ab2d92cb506ab0702f13b0260be62f68cbec701b2cba&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
Set-Cookie: u_pl=19269497; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.gSegEUutBOBzFulUuhfhrtYDepBkoXpMLM6ErjpFUls; expires=Sat, 04 May 2024 08:17:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f9386263d725789328c91d408621239
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| burialsupple.com/watch.1127520738419.js?dev=e&key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=14ddfe2fe57af9a369e888aff5692e2447b7aec5c96bb7b6666bd2b81b446b22301c8237197c5d9d564e1a9c4ce63cd16afa6e7cf45bb215849aa0332ab197fdf1c5637914eb21c747f6b66e9dbe23adcf7bf4f6e38f226a2f14086fe2b4&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 burialsupple.com/watch.1127520738419.js?dev=e&key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=14ddfe2fe57af9a369e888aff5692e2447b7aec5c96bb7b6666bd2b81b446b22301c8237197c5d9d564e1a9c4ce63cd16afa6e7cf45bb215849aa0332ab197fdf1c5637914eb21c747f6b66e9dbe23adcf7bf4f6e38f226a2f14086fe2b4&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
IP: 172.240.108.76:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject burialsupple.com; Fingerprint 11:A8:82:0B:E5:A2:FE:92:CB:27:6A:45:0E:1E:E7:84:5D:B8:A6:52; Validity Mon, 29 Apr 2024 08:14:08 GMT - Sun, 28 Jul 2024 08:14:07 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /watch.1127520738419.js?dev=e&key=79bfa3a3a5a99fe8abf7ce5d5dc649ff&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=14ddfe2fe57af9a369e888aff5692e2447b7aec5c96bb7b6666bd2b81b446b22301c8237197c5d9d564e1a9c4ce63cd16afa6e7cf45bb215849aa0332ab197fdf1c5637914eb21c747f6b66e9dbe23adcf7bf4f6e38f226a2f14086fe2b4&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: burialsupple.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
Referer: https://baan-seriestv.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19269501; ain=eyJhbGciOiJIUzI1NiJ9.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.G6VJuhg_EKXddxFh61RkcgJ-w1zKGkH032LSU4kpBTA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70820d57bc7f4f2c0a3a56da1fc53704
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.138 | | 1.4 kB |
URL: translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP: 142.250.74.138:0
Hash (MD5 / SHA-1 / SHA-256): a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 04 May 2024 08:16:35 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=ekHcIrj2wV1UkQ_rJ1C4rqZ2Xp9smYxmnL5r-pewtZ89IJ25_apFdCVEZlKxfEVYSZrTlNhUXrSJLqxgBY52Zve1fSqzRgmurGuwH0QiAZPeacbgfXcTvt6X-fb75w4IRJm2SpnbU1W4FwoIFc5E96Hz-pyOiu6HssKHE2b6VbQ; expires=Sun, 03-Nov-2024 08:16:35 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Sat, 04 May 2024 08:16:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 28 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject downstairsnegotiatebarren.com; Fingerprint 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; Validity Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:16:35 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6ae1ae1100307a9aba7b0b661be0bb2b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 May 2024 08:16:35 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrV%2BbZkUlyDwOgu94KYyClmNOJHKir2w%2BMr4bxpcOpx3CAr6yxkJu6EBdyx2ZGG%2FmclJbBhg2e2T3QgH9RdPVNe81UcAGXhU%2F8L1kDKFQQ2fHzg2NjsMjrlGmjPAW%2FXrKRdzbQoMqRULM%2FRhXjum6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e70cadbae4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| translate.google.com/gen204?sl=th&nca=te_ap&client=te&logld=vTE_20240501 | 216.58.211.14 | 204 No Content | 0 B |
URL: GET HTTP/3 translate.google.com/gen204?sl=th&nca=te_ap&client=te&logld=vTE_20240501
IP: 216.58.211.14:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=th&nca=te_ap&client=te&logld=vTE_20240501 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:16:36 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-4v0pXwTE9vjmd7Xi4jNvpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzjEtDikmLw0pBicEqfwRoExEJcHE_uXt_IJvDhZwoAY8EJYQ"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=19.SE=gy34DyFu7Yy7u-FhzOVT0hT44ozLzT-QRlgs8U-Y0gapZJile_sb57U87Z5093Fv5-2WvfWwwEXRHNoafrx75AglQIaGjE40eOsjE1sbrOFcI8qjKQs6qgDj7bhUpFt-oBsRTZRP2Kj-XZh46jNeLN2OtDqt1huy8mIiTl__Mag; expires=Wed, 04-Jun-2025 00:34:53 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| inconveniencemimic.com/watch.1248145236519.js?key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.127.234 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 inconveniencemimic.com/watch.1248145236519.js?key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
IP: 172.240.127.234:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject inconveniencemimic.com; Fingerprint AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36; Validity Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /watch.1248145236519.js?key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&tz=0&dev=e&res=14.2071&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://inconveniencemimic.com/watch.1248145236519.js?dev=e&key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=853adeb40b021921f76137c40f70d386508e2c4a5a662c0c7f1ae1b5ea7a64efd5d49d0abf4bbe480f5198ad08655f3477a9e0c638543fb1cd41b17e703bb423baffdf13e1fd8bc4f14ee8b548ca8074bb5fb07801c492ba2becbc5b8820a466&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
Set-Cookie: u_pl=19269487; expires=Sun, 05 May 2024 08:16:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.ytZzEQy39gkDiglDHtFqsaBOY7XQNtoDKQ6mtw8QAdQ; expires=Sat, 04 May 2024 08:17:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f4dc631c1bc1d38bcf4258ffc3e304f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| inconveniencemimic.com/watch.1248145236519.js?dev=e&key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=853adeb40b021921f76137c40f70d386508e2c4a5a662c0c7f1ae1b5ea7a64efd5d49d0abf4bbe480f5198ad08655f3477a9e0c638543fb1cd41b17e703bb423baffdf13e1fd8bc4f14ee8b548ca8074bb5fb07801c492ba2becbc5b8820a466&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 inconveniencemimic.com/watch.1248145236519.js?dev=e&key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=853adeb40b021921f76137c40f70d386508e2c4a5a662c0c7f1ae1b5ea7a64efd5d49d0abf4bbe480f5198ad08655f3477a9e0c638543fb1cd41b17e703bb423baffdf13e1fd8bc4f14ee8b548ca8074bb5fb07801c492ba2becbc5b8820a466&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
IP: 172.240.127.234:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject inconveniencemimic.com; Fingerprint AF:84:31:F6:C9:08:AA:86:11:4D:BF:62:E5:2A:DB:57:5B:6E:E2:36; Validity Mon, 29 Apr 2024 08:23:14 GMT - Sun, 28 Jul 2024 08:23:13 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /watch.1248145236519.js?dev=e&key=026c4c7549076c46ea29e8df155ecef5&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=853adeb40b021921f76137c40f70d386508e2c4a5a662c0c7f1ae1b5ea7a64efd5d49d0abf4bbe480f5198ad08655f3477a9e0c638543fb1cd41b17e703bb423baffdf13e1fd8bc4f14ee8b548ca8074bb5fb07801c492ba2becbc5b8820a466&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: inconveniencemimic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
Referer: https://baan-seriestv.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19269487; ain=eyJhbGciOiJIUzI1NiJ9.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.ytZzEQy39gkDiglDHtFqsaBOY7XQNtoDKQ6mtw8QAdQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb63fb7470ee86777ad760912c20db2d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ | 216.58.207.233 | | 2.6 kB |
URL: www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP: 216.58.207.233:0
Certificate: Issuer Google Trust Services LLC; Subject *.blogger.com; Fingerprint C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64; Validity Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash (MD5 / SHA-1 / SHA-256): 5e9d422647a3bda8c47d20cdc3bdc9d0 337f89c87c2b04ba85ec2f1c5dfaee88f8606052 d8c302f321d13d32ec195988b2217e3c02cc44a65f95ebc622c5f60f4be8385f
GET /navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| resources.blogblog.com/img/navbar/icons_orange.png | 216.58.207.233 | 200 OK | 915 B |
URL: GET HTTP/3 resources.blogblog.com/img/navbar/icons_orange.png
IP: 216.58.207.233:443
Requested by: https://www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fbaan-seriestv.blogspot.com&pfname=&rpctoken=38607274
Certificate: Issuer Google Trust Services LLC; Subject *.blogger.com; Fingerprint C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64; Validity Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: PNG image data, 46 x 20, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 87f25844d23ac1ee03604e668f5c1797 85d440947d70a78672740ff7e8062f68ce9d99a3 d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
GET /img/navbar/icons_orange.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 13:49:47 GMT
expires: Thu, 09 May 2024 13:49:47 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 May 2024 21:56:23 GMT
content-type: image/png
age: 152809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| resources.blogblog.com/img/navbar/arrows-blue.png | 216.58.207.233 | 200 OK | 104 B |
URL: GET HTTP/3 resources.blogblog.com/img/navbar/arrows-blue.png
IP: 216.58.207.233:443
Requested by: https://www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fbaan-seriestv.blogspot.com&pfname=&rpctoken=38607274
Certificate: Issuer Google Trust Services LLC; Subject *.blogger.com; Fingerprint C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64; Validity Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 38c95719e05f4184a301768d8de91e09 d0ed1147d46f2cf592584239a5a101d6f2abb588 259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
GET /img/navbar/arrows-blue.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:27:04 GMT
expires: Thu, 09 May 2024 02:27:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 May 2024 12:54:56 GMT
content-type: image/png
age: 193772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| apis.google.com/js/platform:gapi.iframes.style.common.js | 142.250.74.46 | 200 OK | 21 kB |
URL: GET HTTP/3 apis.google.com/js/platform:gapi.iframes.style.common.js
IP: 142.250.74.46:443
Requested by: https://www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fbaan-seriestv.blogspot.com&pfname=&rpctoken=38607274
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (2050)
Hash (MD5 / SHA-1 / SHA-256): 7ef4bc18139bcdbdd14c5b58b0955a67 afe44fd9a877f81a3c36f571c0fc934324c6cbd7 192bc707852c5986f930528442d88a79e5bcf4513aacc2b722a3c5e964501838
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21313
date: Sat, 04 May 2024 08:16:36 GMT
expires: Sat, 04 May 2024 08:16:36 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "1df5d68c1707a051"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 192.243.61.227:443 (ASN 39572, DataWeb Global Group B.V.)
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject capaciousdrewreligion.com; Fingerprint 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC; Validity Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:36 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82f4e7aa2afb2e0d27e1228149e6d583
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs | 142.250.74.46 | 200 OK | 46 kB |
URL: GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs
IP: 142.250.74.46:443
Requested by: https://www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fbaan-seriestv.blogspot.com&pfname=&rpctoken=38607274
Certificate: Issuer Google Trust Services LLC; Subject *.google.com; Fingerprint 7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0; Validity Tue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type: JavaScript source, ASCII text, with very long lines (2124)
Hash (MD5, SHA-1, SHA-256): 4d1bd282f5a3799d4e2880cf69af9269 2ede61be138a7beaa7d6214aa278479dce258adb 5e075152b65966c0c6fcd3ee7d9f62550981a7bb4ed47611f4286c16e0d79693
GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45677
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:59 GMT
expires: Fri, 02 May 2025 02:03:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 18:15:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 195157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| gobreadthpopcorn.com/sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 gobreadthpopcorn.com/sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject gobreadthpopcorn.com; Fingerprint C5:CA:73:FB:70:A9:E9:62:8F:51:AE:54:ED:96:FB:84:99:6B:A6:B9; Validity Mon, 29 Apr 2024 08:16:23 GMT - Sun, 28 Jul 2024 08:16:22 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=65d9338a0de48da83a51dda015ac0fc8&psid=CF-3448_0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: gobreadthpopcorn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:36 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19328286; expires=Sun, 05 May 2024 08:16:36 GMT; secure; SameSite=None
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48e8232ac5f563835be1d2c33004816a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| baan-seriestv.blogspot.com/favicon.ico | 216.58.207.193 | 200 OK | 412 B |
URL: GET HTTP/3 baan-seriestv.blogspot.com/favicon.ico
IP: 216.58.207.193:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject misc-sni.blogspot.com; Fingerprint C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00; Validity Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
File type: MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
Hash (MD5, SHA-1, SHA-256): 59a0c7b6e4848ccdabcea0636efda02b 30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340 a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: baan-seriestv.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1; pp_main_4ea9680bb47519cb87e7e0446f253266=1; sb_main_65d9338a0de48da83a51dda015ac0fc8=1; sb_count_65d9338a0de48da83a51dda015ac0fc8=2; m5a4xojbcp2nx3gptmm633qal3gzmadn=bossdescendentrefer.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=donateentrailskindly.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 04 May 2024 08:16:37 GMT
date: Sat, 04 May 2024 08:16:37 GMT
cache-control: private, max-age=86400
last-modified: Tue, 16 Apr 2024 02:44:25 GMT
etag: W/"4d3643184c2839d5f3d4243a0207767ad52db9172cc99a72c273e8a118fe532c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| unseenreport.com/pxf.gif?uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4ea9680bb47519cb87e7e0446f253266&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 192.243.61.227 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4ea9680bb47519cb87e7e0446f253266&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP: 192.243.61.227:443 (ASN 39572, DataWeb Global Group B.V.)
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject *.unseenreport.com; Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash (MD5, SHA-1, SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d (1-byte body)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=4ea9680bb47519cb87e7e0446f253266&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 01ba5ec4400bc694e622cdcb792d87ad
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=65d9338a0de48da83a51dda015ac0fc8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 | 192.243.61.227 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=65d9338a0de48da83a51dda015ac0fc8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP: 192.243.61.227:443 (ASN 39572, DataWeb Global Group B.V.)
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject *.unseenreport.com; Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash (MD5, SHA-1, SHA-256): 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d (1-byte body)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=65d9338a0de48da83a51dda015ac0fc8&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:37 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d7c022a516d40647e0e3dcec5522d4ce
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.138 | 200 OK | 0 B |
URL: OPTIONS HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP: 142.250.74.138:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://baan-seriestv.blogspot.com/
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://baan-seriestv.blogspot.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 04 May 2024 08:16:45 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.138 | 200 OK | 131 B |
URL: POST HTTP/3 translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP: 142.250.74.138:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash (MD5, SHA-1, SHA-256): ca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baan-seriestv.blogspot.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1196
Origin: https://baan-seriestv.blogspot.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://baan-seriestv.blogspot.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 04 May 2024 08:16:45 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/images/cleardot.gif | 0.0.0.0 | | 0 B |
URL: GET www.google.com/images/cleardot.gif
IP: 0.0.0.0:0
Requested by: https://baan-seriestv.blogspot.com/
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png | 0.0.0.0 | | 0 B |
URL: GET www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
IP: 0.0.0.0:0
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| translate.googleapis.com/translate_static/img/loading.gif | 0.0.0.0 | | 0 B |
URL: GET translate.googleapis.com/translate_static/img/loading.gif
IP: 0.0.0.0:0
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
GET /translate_static/img/loading.gif HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| blesshunt.com/watch.693701560012.js?dev=e&key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=498e37c682bd57a8ceb9a6dbaa7a948eb2dab2e80cc2681441bcce6b6604c7db71aaa2230f5adbd63aea0f7fb0a2f8934afd133ec940bb5519e87b59becbed311024866c41121752cee4a87629ab2d92cb506ab0702f13b0260be62f68cbec701b2cba&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 blesshunt.com/watch.693701560012.js?dev=e&key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=498e37c682bd57a8ceb9a6dbaa7a948eb2dab2e80cc2681441bcce6b6604c7db71aaa2230f5adbd63aea0f7fb0a2f8934afd133ec940bb5519e87b59becbed311024866c41121752cee4a87629ab2d92cb506ab0702f13b0260be62f68cbec701b2cba&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1
IP: 172.240.108.68:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Let's Encrypt; Subject blesshunt.com; Fingerprint 38:54:D2:52:04:4A:D1:5A:AF:61:74:52:84:6E:7D:AD:01:13:C9:FE; Validity Mon, 29 Apr 2024 08:18:39 GMT - Sun, 28 Jul 2024 08:18:38 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.693701560012.js?dev=e&key=7f309f58d35166f1f78151eeec3e5245&kw=%5B%22baan-series%22%5D&pst=1714810655&refer=https%3A%2F%2Fbaan-seriestv.blogspot.com%2F&res=14.2071&rmtc=t&shu=498e37c682bd57a8ceb9a6dbaa7a948eb2dab2e80cc2681441bcce6b6604c7db71aaa2230f5adbd63aea0f7fb0a2f8934afd133ec940bb5519e87b59becbed311024866c41121752cee4a87629ab2d92cb506ab0702f13b0260be62f68cbec701b2cba&tz=0&uuid=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1 HTTP/1.1
Host: blesshunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://baan-seriestv.blogspot.com
Referer: https://baan-seriestv.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19269497; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTI2OTQ5NywiayI6IjdmMzA5ZjU4ZDM1MTY2ZjFmNzgxNTFlZWVjM2U1MjQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTE3OTY0LCJwaWQiOjU5MTU1OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4ZHJxbmUzcXNhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYmFhbi1zZXJpZXN0di5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.gSegEUutBOBzFulUuhfhrtYDepBkoXpMLM6ErjpFUls
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 04 May 2024 08:16:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://baan-seriestv.blogspot.com
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1299aa16b662f5ac957e52b3808015b0
Strict-Transport-Security: max-age=0; includeSubdomains
|
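The third-party hosts in this capture (gobreadthpopcorn.com, unseenreport.com, blesshunt.com, capaciousdrewreligion.com, all answering from nginx/1.21.6, three of them classified malicious and sinkholed by Quad9) share one recognisable tracker signature: the page's origin reflected in Access-Control-Allow-Origin together with Access-Control-Allow-Credentials: true, SameSite=None cookies that carry the same uuid across hosts, an Accept-CH request for high-entropy client hints, and Strict-Transport-Security: max-age=0, which does not enable HSTS but tells the browser to discard any policy it had stored for the host. The blesshunt.com request also sends the network's own profile of the visitor back to it as an HS256 JWT in the `ain` cookie. The Python below is an added example and not part of the scan output: it parses a response block copied from the gobreadthpopcorn.com entry (Accept-CH abridged), flags those behaviours, and decodes the claims of the `ain` token copied from the blesshunt.com request without verifying its signature, since the HMAC key belongs to the tracker. The rule names and the `page_origin` parameter are this example's own, and the short claim names inside the token are the tracker's undocumented vocabulary, so the decoder prints them rather than interpreting them.

```python
"""Triage helpers for a urlscan-style capture such as the one above.

Added example; not part of the scan output. SAMPLE_RESPONSE is the
gobreadthpopcorn.com/sbar.json response copied from the capture (Accept-CH
abridged) and AIN_COOKIE is the `ain` cookie sent to blesshunt.com.
Rule names are this example's own.
"""
import base64
import json
import re

SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Server: nginx/1.21.6
Content-Length: 0
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: https://baan-seriestv.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19328286; expires=Sun, 05 May 2024 08:16:36 GMT; secure; SameSite=None
Set-Cookie: uid_id2=9189e7cc-aa2c-486c-9c81-be8d91646f21:2:1; expires=Sat, 11 May 2024 08:16:36 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=0; includeSubdomains
"""

AIN_COOKIE = (
    "eyJhbGciOiJIUzI1NiJ9."
    "eyJwIjp7ImlkIjoxOTI2OTQ5NywiayI6IjdmMzA5ZjU4ZDM1MTY2ZjFmNzgxNTFlZWVjM2U1MjQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTE3OTY0LCJwaWQiOjU5MTU1OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4ZHJxbmUzcXNhIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYmFhbi1zZXJpZXN0di5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0."
    "gSegEUutBOBzFulUuhfhrtYDepBkoXpMLM6ErjpFUls"
)

# UA client hints that are only sent when a site asks for them and that add fingerprinting entropy.
HIGH_ENTROPY_HINTS = {
    "sec-ch-ua-full-version", "sec-ch-ua-full-version-list",
    "sec-ch-ua-model", "sec-ch-ua-platform-version",
}


def parse_headers(raw):
    """Return [(name_lower, value)] for a raw HTTP response; the status line is skipped."""
    headers = []
    for line in raw.splitlines()[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return headers


def triage_response(raw, page_origin):
    """Flag tracker-style behaviour visible in one response's headers."""
    headers = parse_headers(raw)

    def get(name):
        return [v for k, v in headers if k == name]

    findings = []
    # max-age=0 does not set HSTS; it tells the browser to forget any stored policy for the host.
    for hsts in get("strict-transport-security"):
        if re.search(r"max-age\s*=\s*0(?!\d)", hsts):
            findings.append("hsts-cleared")
    # Reflected origin plus Allow-Credentials: true lets the page's fetches carry this host's cookies.
    if get("access-control-allow-origin") == [page_origin] and get("access-control-allow-credentials") == ["true"]:
        findings.append("credentialed-cors")
    # SameSite=None cookies are the ones a third party uses to recognise the visitor across sites.
    for cookie in get("set-cookie"):
        name = cookie.split("=", 1)[0].strip()
        attrs = {a.strip().lower() for a in cookie.split(";")[1:]}
        if "samesite=none" in attrs:
            tag = "cross-site-cookie:" + name
            if "secure" not in attrs:
                tag += ":missing-secure"  # browsers reject SameSite=None without Secure
            findings.append(tag)
    # Accept-CH listing high-entropy hints asks the browser for fingerprinting-grade detail.
    hints = {h.strip().lower() for v in get("accept-ch") for h in v.split(",")}
    if hints & HIGH_ENTROPY_HINTS:
        findings.append("high-entropy-client-hints")
    return findings


def decode_jwt_unverified(token):
    """Decode a compact JWS header and payload WITHOUT verifying the signature.

    Adequate for reading what a tracker stores about a visitor; the HS256 key is
    the tracker's, so nothing here proves the claims are authentic. Never use this
    for any authentication or authorisation decision.
    """
    def b64url(part):
        return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

    header_b64, payload_b64, _signature = token.split(".")
    return json.loads(b64url(header_b64)), json.loads(b64url(payload_b64))


if __name__ == "__main__":
    print(triage_response(SAMPLE_RESPONSE, "https://baan-seriestv.blogspot.com"))
    header, claims = decode_jwt_unverified(AIN_COOKIE)
    print(header["alg"], json.dumps(claims, indent=1))
```

Run against the copied response, the triage returns all five flags, and the decoded `ain` claims include the same `key` value that appears in the blesshunt.com query string, the visitor's browser and OS as the network classified them, a two-letter country code, and the referring page URL. Because the HMAC key is unknown, the decode is for inspection only; treat the claims as the tracker's assertions, not facts.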
|
| www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ | 216.58.207.233 | 200 OK | 6.7 kB |
URL: GET HTTP/3 www.blogger.com/navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
IP: 216.58.207.233:443
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject *.blogger.com; Fingerprint C0:1E:A1:13:90:EF:53:21:6B:57:23:D5:7F:12:F9:D1:2B:71:7A:64; Validity Tue, 16 Apr 2024 03:15:50 GMT - Tue, 09 Jul 2024 03:15:49 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6888), with no line terminators
Hash (MD5, SHA-1, SHA-256): 4c67ae1049fadd8292ef772c0eb5fdc3 d7dd1e13d0e4a57607f63e8296b9fb2dac0cc40b aba35c6906d3dcb4e44df00af28a4406c2a95f17cf8cee8ea1014216a1cd219f
GET /navbar.g?targetBlogID=6435632228842870339&blogName=Baan-Series&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://baan-seriestv.blogspot.com/search&blogLocale=th&v=2&homepageUrl=https://baan-seriestv.blogspot.com/&vt=-8917239941906287488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 May 2024 08:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| baan-seriestv.blogspot.com/ | 0.0.0.0 | | 0 B |
URL: GET baan-seriestv.blogspot.com/
IP: 0.0.0.0:0
Requested by: https://baan-seriestv.blogspot.com/
Certificate: Issuer Google Trust Services LLC; Subject misc-sni.blogspot.com; Fingerprint C4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00; Validity Tue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (hashes of an empty body)
GET / HTTP/1.1
Host: baan-seriestv.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://baan-seriestv.blogspot.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=9189e7cc-aa2c-486c-9c81-be8d91646f21%3A2%3A1; pp_main_4ea9680bb47519cb87e7e0446f253266=1; sb_main_65d9338a0de48da83a51dda015ac0fc8=1; sb_count_65d9338a0de48da83a51dda015ac0fc8=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=bossdescendentrefer.com; pbpr0tpuw4isk85t8yg3jb2lj5vqf=donateentrailskindly.com
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|