Report - helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html

Report Overview

Submitted URL

helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
IP

172.217.21.161

ASN

#15169 GOOGLE
Submitted

2023-09-26T10:16:41Z

Access

public
Website Title

The female of the species (54) – Cornelia Hajdinyak (Gyrocopter girl) (3) | Helikopter Hysterie ZWO – Das Hubschrauberblog des Heinrich Dubel
Final URL

helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

22

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
blogger.googleusercontent.com (13)	16485	2012-05-25 19:41:01	2023-09-25 21:07:25	9033	812651	142.250.74.97
translate-pa.googleapis.com (1)	1620	2021-11-04 07:37:42	2023-09-26 00:14:59	550	2285	142.250.74.170
translate.google.com (2)	1156	2012-05-30 03:30:32	2023-09-25 18:12:47	972	89095	216.58.211.14
www.blogblog.com (4)	28878	2012-05-22 09:35:04	2023-09-25 22:50:04	1831	270074	216.58.207.233
www.gstatic.com (4)	unknown	2016-07-26 11:37:06	2023-09-26 00:10:21	2118	9802	142.250.74.35
i9.ytimg.com (1)	2370	2017-01-30 06:14:04	2023-09-24 01:47:46	511	8353	172.217.21.174
1.bp.blogspot.com (2)	8403	2012-05-21 15:44:19	2023-09-25 18:42:06	1063	8098	142.250.74.161
2.bp.blogspot.com (1)	11071	2012-05-21 15:44:19	2023-09-25 21:26:49	571	143966	142.250.74.161
translate.googleapis.com (1)	1005	2012-05-31 09:21:21	2023-09-26 00:23:57	547	79125	142.250.74.170
fonts.gstatic.com (1)	unknown	2014-09-09 02:40:21	2023-09-25 22:05:36	473	4197	142.250.74.163
ocsp.pki.goog (22)	175	2018-07-01 08:43:07	2023-09-25 18:12:03	7326	15382	142.250.74.131
helikopterhysteriezwo.blogspot.com (19)	unknown	2015-01-09 22:58:08	2023-07-21 13:01:09	11132	350576	172.217.21.161
www.blogger.com (8)	8975	2012-05-22 09:35:03	2023-09-25 18:32:09	4299	188242	216.58.207.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	bp.blogspot.com	Sinkholed
2023-09-26	medium	bp.blogspot.com	Sinkholed
2023-09-26	medium	bp.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed

ThreatFox

No alerts detected

HTTP Transactions (79)

URL IP Response Size

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

edb0c213685c28c266c093ac59c369b0

e0841c1928ee05cb6b2e1394c51ee33b51095d06

0224d0e9559dee969f319bbc8cb3def81a2d418d9f2ba72d60cd6830d1e6dee2

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html

172.217.21.161

200 OK

8760

URL User Request GET HTTP/2

helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14041)

Size

8760
Hash

5f05ef149a013a1bdfa2e8900c89aad9

338a3659a45aea2d21cf639a25bcf0fa0ea2ef43

f3a91f3b7443f51f9717d51f4c8ad0cf262e6dc533c860c7513094849009acbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /2018/02/the-female-of-species-54-cornelia.html HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:21 GMT
date: Tue, 26 Sep 2023 10:16:21 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: W/"f15c52cef1660e171277f2da5da84a8e5f49d6250c3beb6d91a6a8e78ef397c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8760
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

edb0c213685c28c266c093ac59c369b0

e0841c1928ee05cb6b2e1394c51ee33b51095d06

0224d0e9559dee969f319bbc8cb3def81a2d418d9f2ba72d60cd6830d1e6dee2

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

helikopterhysteriezwo.blogspot.com/js/cookienotice.js

172.217.21.161

200 OK

2026

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/js/cookienotice.js
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text

Size

2026
Hash

a705132a2174f88e196ec3610d68faa8

3bad57a48d973a678fec600d45933010f6edc659

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /js/cookienotice.js HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Tue, 26 Sep 2023 10:16:21 GMT
expires: Tue, 03 Oct 2023 10:16:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 26 Sep 2023 07:53:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

216.58.207.233

200 OK

7756

URL GET HTTP/2

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

ASCII text, with very long lines (35959)

Size

7756
Hash

1e32420a7b6ddbdcb7def8b3141c4d1e

a1be54d42ff1f95244c9653539f90318f5bc0580

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

                                        GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 20:27:36 GMT
expires: Tue, 24 Sep 2024 20:27:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Sep 2023 11:54:51 GMT
content-type: text/css
vary: Accept-Encoding
age: 49725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/classic.js

216.58.207.233

200 OK

40707

URL GET HTTP/2

www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/classic.js
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

ASCII text, with very long lines (65536), with no line terminators

Size

40707
Hash

5b7fef569cfb882f2bdfb04bc6e68159

b875796883441cbb3e16a5442796385730d384a9

5f79da1ace2e184424ea4cd11c9282617276ed2d59e657547d92e36650ef6947

HTTP Headers

                                        GET /dynamicviews/9fc060cdf7011fe5/js/classic.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 40707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:14:23 GMT
expires: Fri, 29 Sep 2023 02:14:23 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 04:52:48 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 374518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/common.js

216.58.207.233

200 OK

99845

URL GET HTTP/2

www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/common.js
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

ASCII text, with very long lines (2629)

Size

99845
Hash

8181c57cf53a7bb64a296776d1c0075d

b6fdd2b12383870030f40a4f60b9d557568b6358

a2420ee0e5343baafbdaad9c7585afbcb2d51af564ff3661b2f1df1e7cc6a30f

HTTP Headers

                                        GET /dynamicviews/9fc060cdf7011fe5/js/common.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 99845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:14:23 GMT
expires: Fri, 29 Sep 2023 02:14:23 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 04:52:48 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 374518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js

216.58.207.233

200 OK

4491

URL GET HTTP/2

www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

ASCII text, with very long lines (929)

Size

4491
Hash

f95bce7239551cc0bec3333f86620fe4

bab24f3d952dd94b423f5e50777ec14761873d8c

f6e319d786203b86a4ed6103ba318dc66e9c2410794adf27000c222e9e7ed73f

HTTP Headers

                                        GET /dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 4491
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 00:37:08 GMT
expires: Mon, 02 Oct 2023 00:37:08 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 04:52:48 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 121153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js

216.58.207.233

200 OK

122175

URL GET HTTP/2

www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

HTML document, ASCII text, with very long lines (2028)

Size

122175
Hash

f7c41bb3b904cbcc49ba53232535e983

dc873d1f036da0b53b011a5046a23d258b5a5bd2

266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a

HTTP Headers

                                        GET /dynamicviews/4224c15c4e7c9321/js/comments.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 122175
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:27:56 GMT
expires: Thu, 28 Sep 2023 15:27:56 GMT
cache-control: public, max-age=604800
age: 413305
last-modified: Mon, 14 May 2012 20:21:35 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/562952797-widgets.js

216.58.207.233

200 OK

160393

URL GET HTTP/2

www.blogger.com/static/v1/widgets/562952797-widgets.js
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

ASCII text, with very long lines (2215)

Size

160393
Hash

0804e4c7fd72aea2ce34a04d9ec9686c

9f46bef1076230a1271d151a506fd1d91ae7df93

5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c

HTTP Headers

                                        GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 546871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

1a531c4a6f63eec7c47b290aaea56a63

2ab462b13b2696cf0fb363d65c833b7b55e363fb

a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/dyn-css/authorization.css?targetBlogID=1946443303423348198&zx=60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca

216.58.207.233

200 OK

URL GET HTTP/3

www.blogger.com/dyn-css/authorization.css?targetBlogID=1946443303423348198&zx=60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

very short file (no magic)

Size

21
Hash

68b329da9893e34099c7d8ad5cb9c940

adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

                                        GET /dyn-css/authorization.css?targetBlogID=1946443303423348198&zx=60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 10:16:22 GMT
last-modified: Tue, 26 Sep 2023 10:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/favicon.ico

172.217.21.161

200 OK

983

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/favicon.ico
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data

Size

983
Hash

bb61749e42abdc1c6573bfb9e15ef801

8a2f0fec2274e06ebd5857704e87c75f816b1908

91209d6110796ac1d53fcc20fb20ab09cd21996e6e04cb788beeaebd1e3f6139

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /favicon.ico HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=86400
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: W/"f15c52cef1660e171277f2da5da84a8e5f49d6250c3beb6d91a6a8e78ef397c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 983
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

294

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text

Size

294
Hash

ce9e06d2ce627b44d4bef2f7ccdf36e0

a955b2dc8eb7f471569b26f501812516a9a26f0d

3bcefdf9791be7db76fe9dbc05f7ffb757573a2d418afee0c072e95c56720968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 294
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

191

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text

Size

191
Hash

1f4c731fdd35dd3ccc9ad274567935b4

9157e96b517c12e3887598b8a7c4be187db8b450

a333dc36ed6e795b957a045441cfa50013fa18233f8bd93aecb727025a465eb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 191
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

542

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (724)

Size

542
Hash

4b22ab8b47c2feacb5e31a7e8949f9e8

cdb4abf98122b56b4c273ba005ce9c468a4d3b25

2237a24c68078673698514a2d384ba2949a93e705509570ef479875a6297854f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 542
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

3438

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (9136)

Size

3438
Hash

1e042b10d37511cc17d4605f50849bb8

1dbb7aaa619555e16bd12c3374e2d45c89869506

7da23b6c1f443954192437ca426de236f187fa5e71ecc7b020db023a55784b73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3438
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

4668

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (42881)

Size

4668
Hash

ab4ed811804df8ea88fa3271316cee25

85dd86c3062954a1ae0b7368014e843f130e58f7

00336459ff6f80ad499b5bb216a584343a9fbaf72d09eb993a38e3bb31aad22c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/feeds/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true

172.217.21.161

200 OK

92540

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/feeds/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

JSON data\012- , Unicode text, UTF-8 text, with very long lines (65306), with no line terminators

Size

92540
Hash

0203188d2e801e7f6a6c77ecbe51cbf0

a34590cbf94b8e90682a23798c0c658ea1cbe448

8356fef810b8fbbe738951ed9c16cf5c7b9c3f40aa4db2d6d61b646ada79bd76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /feeds/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"5fbe83f0eb218c101164329c49350d38077f2326467af812e1c37b37c4e0fb25"
date: Tue, 26 Sep 2023 10:16:23 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
content-encoding: gzip
content-length: 92540
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

104886

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (65530)

Size

104886
Hash

a9618ab99a5f5cb8d4824da659c40822

8ad1513ff10d216736bf8eb87df7002c46a29350

74b0b564d0ff40f67031532daa215a2a00132da91875af9dc13a6284e4197e0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 104886
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

294

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text

Size

294
Hash

ce9e06d2ce627b44d4bef2f7ccdf36e0

a955b2dc8eb7f471569b26f501812516a9a26f0d

3bcefdf9791be7db76fe9dbc05f7ffb757573a2d418afee0c072e95c56720968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 294
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/feeds/posts/default/2554180235786207917?alt=json&v=2&dynamicviews=1&rewriteforssl=true

172.217.21.161

200 OK

1574

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/feeds/posts/default/2554180235786207917?alt=json&v=2&dynamicviews=1&rewriteforssl=true
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

JSON data\012- , Unicode text, UTF-8 text, with very long lines (3962), with no line terminators

Size

1574
Hash

0128cdef0cf02f9d530b0aa834ab7ff0

66488816c78c8dcab4633050a046a9e8bebc8102

4f0591c658a44cff7857d0b21f33f7f563a403d25d9bbaf3342125f537e98c36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /feeds/posts/default/2554180235786207917?alt=json&v=2&dynamicviews=1&rewriteforssl=true HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"415059881c94f547108bb05a67a60dccc595de24626c43b89e49f9309a905a33"
date: Tue, 26 Sep 2023 10:16:24 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Tue, 26 Sep 2023 10:16:25 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 01:00:25 GMT
content-encoding: gzip
content-length: 1574
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ

216.58.207.233

200 OK

1409

URL GET HTTP/3

www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1539)

Size

1409
Hash

7b18e912253999d7973fd9cdbf1357c5

c9b6d55dc06ba22fa7125d508fa365d93465f195

c85ef732947f3ce888c154ab751e6307a718d396b3bbaf64a39518462587c5f0

HTTP Headers

                                        GET /video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: private, max-age=25200
pragma: no-cache
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1409
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

191

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text

Size

191
Hash

1f4c731fdd35dd3ccc9ad274567935b4

9157e96b517c12e3887598b8a7c4be187db8b450

a333dc36ed6e795b957a045441cfa50013fa18233f8bd93aecb727025a465eb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 191
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

542

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (724)

Size

542
Hash

4b22ab8b47c2feacb5e31a7e8949f9e8

cdb4abf98122b56b4c273ba005ce9c468a4d3b25

2237a24c68078673698514a2d384ba2949a93e705509570ef479875a6297854f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 542
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

3438

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (9136)

Size

3438
Hash

1e042b10d37511cc17d4605f50849bb8

1dbb7aaa619555e16bd12c3374e2d45c89869506

7da23b6c1f443954192437ca426de236f187fa5e71ecc7b020db023a55784b73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3438
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

4668

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (42881)

Size

4668
Hash

ab4ed811804df8ea88fa3271316cee25

85dd86c3062954a1ae0b7368014e843f130e58f7

00336459ff6f80ad499b5bb216a584343a9fbaf72d09eb993a38e3bb31aad22c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

86f13e0e5bd629070766ef73e2a67867

ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d

3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

86f13e0e5bd629070766ef73e2a67867

ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d

3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

86f13e0e5bd629070766ef73e2a67867

ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d

3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

86f13e0e5bd629070766ef73e2a67867

ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d

3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/jsbin/3660368207-video_compiled.js

216.58.207.233

200 OK

13583

URL GET HTTP/3

www.blogger.com/static/v1/jsbin/3660368207-video_compiled.js
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

ASCII text, with very long lines (2199)

Size

13583
Hash

462d2d7993d356cd5a315e818b8d4aab

b856e00bba27dc08d1403638b03f16af701db368

16f4b7ec27cf93ac62210a53f51152749dcfd31b5a08deb45f8848b30f50848e

HTTP Headers

                                        GET /static/v1/jsbin/3660368207-video_compiled.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 13583
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 11:23:25 GMT
expires: Wed, 18 Sep 2024 11:23:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Sep 2023 08:53:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 600779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

178dd930993366d9bb01d73e2960a0c5

8b316934e079b21ca97a190c864b937c00c677a6

41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/images/icons/material/system/1x/play_arrow_white_48dp.png

142.250.74.35

200 OK

220

URL GET HTTP/2

www.gstatic.com/images/icons/material/system/1x/play_arrow_white_48dp.png
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27

ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

Magic

PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data

Size

220
Hash

bbea220e3d4187feca59742dd22e2b27

800f7aea14ae6bb26b4d178af19e2b5fb6700d8a

b0c543456be59cd54e3b13f2fbc2071c25c6f79a6bb45957bbc12e033b55cf06

HTTP Headers

                                        GET /images/icons/material/system/1x/play_arrow_white_48dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 10:33:52 GMT
expires: Sat, 21 Sep 2024 10:33:52 GMT
cache-control: public, max-age=31536000
age: 344552
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

178dd930993366d9bb01d73e2960a0c5

8b316934e079b21ca97a190c864b937c00c677a6

41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

104886

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

ASCII text, with very long lines (65530)

Size

104886
Hash

a9618ab99a5f5cb8d4824da659c40822

8ad1513ff10d216736bf8eb87df7002c46a29350

74b0b564d0ff40f67031532daa215a2a00132da91875af9dc13a6284e4197e0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 104886
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/logo-16.png

216.58.207.233

200 OK

279

URL GET HTTP/3

www.blogger.com/img/logo-16.png
IP

216.58.207.233:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.blogger.com

FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60

ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

Magic

PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data

Size

279
Hash

5ffecab6c722bb0adc3fce8d83b27993

0e59b05d3da526e82bb4f5d47c5d94e2a318dafb

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

                                        GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:45:49 GMT
expires: Wed, 27 Sep 2023 02:45:49 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 16:55:46 GMT
content-type: image/png
age: 545436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e5f9f802e548a076e6066ecff6aa5bbb

fb8dfabace38ae24e462d84eddc3d25b48b23a20

20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e5f9f802e548a076e6066ecff6aa5bbb

fb8dfabace38ae24e462d84eddc3d25b48b23a20

20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.bp.blogspot.com/-AleG9_0p_fA/X5rXBgZRYuI/AAAAAAABxHQ/if86IkNqkZ0mWSj761_B9NKWUinzGtJbACLcBGAsYHQ/s72-c/Mi-24V%2BHind%2BE-kasachstan_.jpg

142.250.74.161

200 OK

3681

URL GET HTTP/2

1.bp.blogspot.com/-AleG9_0p_fA/X5rXBgZRYuI/AAAAAAABxHQ/if86IkNqkZ0mWSj761_B9NKWUinzGtJbACLcBGAsYHQ/s72-c/Mi-24V%2BHind%2BE-kasachstan_.jpg
IP

142.250.74.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

3681
Hash

bd2a3c60b61c27c280ebc1c2d13b5957

20dd9e3599f341bf56fd8a22083ba90157d1d152

582cd10a227cf5a41685b6947656d222af51dd88310048659fc47963fb9475be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /-AleG9_0p_fA/X5rXBgZRYuI/AAAAAAABxHQ/if86IkNqkZ0mWSj761_B9NKWUinzGtJbACLcBGAsYHQ/s72-c/Mi-24V%2BHind%2BE-kasachstan_.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Mi-24V Hind E-kasachstan_.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3681
x-xss-protection: 0
date: Tue, 26 Sep 2023 10:16:25 GMT
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c475"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.bp.blogspot.com/-vRvwDUP892A/VqF6x99ounI/AAAAAAAAbA8/XG4VStqXqzE/s72-c/Gyrocopter-girl_.jpg

142.250.74.161

200 OK

3331

URL GET HTTP/2

1.bp.blogspot.com/-vRvwDUP892A/VqF6x99ounI/AAAAAAAAbA8/XG4VStqXqzE/s72-c/Gyrocopter-girl_.jpg
IP

142.250.74.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

3331
Hash

7fc780f13e321b6fc0e79a40454ec83a

07b33b49ab9cbcdfd61f01af46e165bfe377a1be

4b8aa5895e65d028493d4a549deee7247d7239e217ea78e7a3ebb85c8377deb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /-vRvwDUP892A/VqF6x99ounI/AAAAAAAAbA8/XG4VStqXqzE/s72-c/Gyrocopter-girl_.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Gyrocopter-girl_.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3331
x-xss-protection: 0
date: Tue, 26 Sep 2023 10:16:25 GMT
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6c10"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i9.ytimg.com/vi_blogger/6xXazfcz1NU/1.jpg?sqp=CPjeyqgGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3ndsRJZ4r9UFmptUs5Wk9GlwV-b4Q

172.217.21.174

200 OK

7757

URL GET HTTP/2

i9.ytimg.com/vi_blogger/6xXazfcz1NU/1.jpg?sqp=CPjeyqgGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3ndsRJZ4r9UFmptUs5Wk9GlwV-b4Q
IP

172.217.21.174:443
ASN

#15169 GOOGLE

Requested by

https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Certificate

IssuerGoogle Trust Services LLC

Subject*.google.com

FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4

ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data

Size

7757
Hash

bf0bf36e83c24fc47bebe8b1c8f47724

7b2ca1500f5b3d129e5df0d00f5693a09b5d7b1f

298a7c293136b86f7314b099de316809101fe916e871b2c8ba9d7ec37281c388

HTTP Headers

                                        GET /vi_blogger/6xXazfcz1NU/1.jpg?sqp=CPjeyqgGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3ndsRJZ4r9UFmptUs5Wk9GlwV-b4Q HTTP/1.1
Host: i9.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 7757
date: Tue, 26 Sep 2023 10:16:25 GMT
expires: Tue, 26 Sep 2023 10:16:25 GMT
cache-control: private, max-age=300
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXAPAhoHRudUa9B2tF5hvkFd2NNUBK9bsFMLbsULF1bWVeDUGtaVyAJHQtLLsJ8HmK7ndHContbKOMePtOQN-ihf9H_LhGcrVBZ1R8oBZOxzZH8Akq6iS62QG86g1iE5C7cD60U1fnLORetmBEZKMQNHpAStPdhuMJ1fufz_8YBjs0wiEVEoj8QVgMTEGh/s16000/generic-Robinson-crashes_2_.jpg

142.250.74.97

200 OK

175355

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXAPAhoHRudUa9B2tF5hvkFd2NNUBK9bsFMLbsULF1bWVeDUGtaVyAJHQtLLsJ8HmK7ndHContbKOMePtOQN-ihf9H_LhGcrVBZ1R8oBZOxzZH8Akq6iS62QG86g1iE5C7cD60U1fnLORetmBEZKMQNHpAStPdhuMJ1fufz_8YBjs0wiEVEoj8QVgMTEGh/s16000/generic-Robinson-crashes_2_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 624x398, components 3\012- data

Size

175355
Hash

b9239186f3adf76f60a381cbfdd6e79c

021d803544067f06130f10d86c1d4c37d5b98671

a6936332758551e31b053743ec63299332ecc90632a443dd31a8ffb3d34d6e87

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEhXAPAhoHRudUa9B2tF5hvkFd2NNUBK9bsFMLbsULF1bWVeDUGtaVyAJHQtLLsJ8HmK7ndHContbKOMePtOQN-ihf9H_LhGcrVBZ1R8oBZOxzZH8Akq6iS62QG86g1iE5C7cD60U1fnLORetmBEZKMQNHpAStPdhuMJ1fufz_8YBjs0wiEVEoj8QVgMTEGh/s16000/generic-Robinson-crashes_2_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f4"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="generic-Robinson-crashes_2_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 175355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5YqZSlGegdIIfUn8p_lYRfjO90a3bcRClftylqkSqm987s157wWkYibsHSUyQ1wqRops9MalUgtfyQIPE5Jodm5WRaM3mG3lEe-ZV6w9qjkPehqbGYTxn6rdG_pJtFSX9JPiCuj_Stdpv7KoZrNlwHhVlaN5iwMeEVHQ9FS9UX-oQ4woCKStGWx1ij2YE/s16000/230922_Louisiana-S-92-wedge_3_.jpg

142.250.74.97

200 OK

151398

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5YqZSlGegdIIfUn8p_lYRfjO90a3bcRClftylqkSqm987s157wWkYibsHSUyQ1wqRops9MalUgtfyQIPE5Jodm5WRaM3mG3lEe-ZV6w9qjkPehqbGYTxn6rdG_pJtFSX9JPiCuj_Stdpv7KoZrNlwHhVlaN5iwMeEVHQ9FS9UX-oQ4woCKStGWx1ij2YE/s16000/230922_Louisiana-S-92-wedge_3_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 624x389, components 3\012- data

Size

151398
Hash

f753f627327a4541465ea716d856a106

cd884fcd207b69ea2b682b14366baf639f4029ce

90f1e5ec0a2e0cdba8a0fcd64b679673ac4792ca6ee2f083f26d6679abfdb061

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEj5YqZSlGegdIIfUn8p_lYRfjO90a3bcRClftylqkSqm987s157wWkYibsHSUyQ1wqRops9MalUgtfyQIPE5Jodm5WRaM3mG3lEe-ZV6w9qjkPehqbGYTxn6rdG_pJtFSX9JPiCuj_Stdpv7KoZrNlwHhVlaN5iwMeEVHQ9FS9UX-oQ4woCKStGWx1ij2YE/s16000/230922_Louisiana-S-92-wedge_3_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f2"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230922_Louisiana-S-92-wedge_3_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 151398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjelwX-ngv8aspS5agkI5w_JS5LQeoflv5KkMN-mCiM9gJbBU15Yj71p3IgTa4SGRT19kogF2zzHJMeu2ofTUEMx9kGev47q7Fo0gw1x2qw6m5hZxc4zkpqFrewpXPlng67C1BxXO9bvJGV4HLwOEpi83x7uni1733kZSXPqqek1MqpkQ3hrScEv05e71nZ/s16000/230922_Louisiana-S-92-wedge_1_.jpg

142.250.74.97

200 OK

217964

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjelwX-ngv8aspS5agkI5w_JS5LQeoflv5KkMN-mCiM9gJbBU15Yj71p3IgTa4SGRT19kogF2zzHJMeu2ofTUEMx9kGev47q7Fo0gw1x2qw6m5hZxc4zkpqFrewpXPlng67C1BxXO9bvJGV4HLwOEpi83x7uni1733kZSXPqqek1MqpkQ3hrScEv05e71nZ/s16000/230922_Louisiana-S-92-wedge_1_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 624x468, components 3\012- data

Size

217964
Hash

d2f0aceec34e4067f5b9fe4c42f3428d

ca83fba985839a3b949929fc6b469d68db0ef636

aaac091db51c13cf016750a75826cd9cd21c8174bb8afc1be31929b4f70aee02

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEjelwX-ngv8aspS5agkI5w_JS5LQeoflv5KkMN-mCiM9gJbBU15Yj71p3IgTa4SGRT19kogF2zzHJMeu2ofTUEMx9kGev47q7Fo0gw1x2qw6m5hZxc4zkpqFrewpXPlng67C1BxXO9bvJGV4HLwOEpi83x7uni1733kZSXPqqek1MqpkQ3hrScEv05e71nZ/s16000/230922_Louisiana-S-92-wedge_1_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f2"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230922_Louisiana-S-92-wedge_1_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 217964
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9SJ-hSaQhydeLEajsbOcS1gWpbDDgJjHLlmKMA5GWOESqoPKr3ESeqciGLilmMwJzwgbDlPoVN1iC_rwb4YfJH8_e_ZdiQLfX34walnCM-F8_tAtzih-yUdInallrvCHdPrUONRzWDtEeMzxdANoVBrq_dJxZg9QdpOgkfbRSOALUgNgDNeBB2uF5a2Tj/s16000/230922_Louisiana-S-92-wedge_2_.jpg

142.250.74.97

200 OK

230251

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9SJ-hSaQhydeLEajsbOcS1gWpbDDgJjHLlmKMA5GWOESqoPKr3ESeqciGLilmMwJzwgbDlPoVN1iC_rwb4YfJH8_e_ZdiQLfX34walnCM-F8_tAtzih-yUdInallrvCHdPrUONRzWDtEeMzxdANoVBrq_dJxZg9QdpOgkfbRSOALUgNgDNeBB2uF5a2Tj/s16000/230922_Louisiana-S-92-wedge_2_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 624x649, components 3\012- data

Size

230251
Hash

307e6922e43f878aa85ba38470c9c4f7

868187315f7d179f9661ac3ea55135e5eebeb6b2

c5c29cfcb92144ab45daef28d079b977aaf7f991ff0113e46d447bf972963331

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEj9SJ-hSaQhydeLEajsbOcS1gWpbDDgJjHLlmKMA5GWOESqoPKr3ESeqciGLilmMwJzwgbDlPoVN1iC_rwb4YfJH8_e_ZdiQLfX34walnCM-F8_tAtzih-yUdInallrvCHdPrUONRzWDtEeMzxdANoVBrq_dJxZg9QdpOgkfbRSOALUgNgDNeBB2uF5a2Tj/s16000/230922_Louisiana-S-92-wedge_2_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f1"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230922_Louisiana-S-92-wedge_2_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 230251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinQm1NuHNdHKcg6B_089cBYcSJuS8v072l69h4YxaML4dJa_O9EG1yn9jcGZDQzFTgQmhuxNhnBzEdTClEWbkesIwLMpRUOdEbzay--vW2EDpX5Feo3gGJ0RlTaxBIA2eU2Fzcd7FnbqNUtxLn8EfPyu7GqZ87h0Xj2csGrpbpOAadobP5RgdpkLTK/s72-c/1910_Wallins_.jpg

142.250.74.97

200 OK

3210

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinQm1NuHNdHKcg6B_089cBYcSJuS8v072l69h4YxaML4dJa_O9EG1yn9jcGZDQzFTgQmhuxNhnBzEdTClEWbkesIwLMpRUOdEbzay--vW2EDpX5Feo3gGJ0RlTaxBIA2eU2Fzcd7FnbqNUtxLn8EfPyu7GqZ87h0Xj2csGrpbpOAadobP5RgdpkLTK/s72-c/1910_Wallins_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

3210
Hash

277548fd7e0d6cf79ab61b8e73f59c7e

7b507a2d120f6daa857b4054d94d480e7f898826

77f28b8d84579a4388992d27e81f75dc78f49ee08c290e9691056b1b5d337f18

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEinQm1NuHNdHKcg6B_089cBYcSJuS8v072l69h4YxaML4dJa_O9EG1yn9jcGZDQzFTgQmhuxNhnBzEdTClEWbkesIwLMpRUOdEbzay--vW2EDpX5Feo3gGJ0RlTaxBIA2eU2Fzcd7FnbqNUtxLn8EfPyu7GqZ87h0Xj2csGrpbpOAadobP5RgdpkLTK/s72-c/1910_Wallins_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v28f41"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1910_Wallins_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 3210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBXCz2L_9gqCB6YdD7RlCaGU-ShEK61LdLT5-3glwn1hd2L4rjvGH5FQulwpvmosl0T8i9D_hu6G45QS9tIHfHb6Ad01EYWQiwJKueqlvUswLWGtQVmLPl15bNIJuOD1Vzicn7KoE-semQXQnFc9KF5a259cIzXH8ykjZ4buseI7bk5lTfOMIQUQ46jxZg/s72-c/230920_Australien-crash_.jpg

142.250.74.97

200 OK

2167

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBXCz2L_9gqCB6YdD7RlCaGU-ShEK61LdLT5-3glwn1hd2L4rjvGH5FQulwpvmosl0T8i9D_hu6G45QS9tIHfHb6Ad01EYWQiwJKueqlvUswLWGtQVmLPl15bNIJuOD1Vzicn7KoE-semQXQnFc9KF5a259cIzXH8ykjZ4buseI7bk5lTfOMIQUQ46jxZg/s72-c/230920_Australien-crash_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

2167
Hash

b455deada7b80e2952271e6dd3803ae3

965e5aad410df776a0ede0551b1963c6aabe313b

9ca5ef407cfa5bd6005b7887a3cbad5934b3b82937be4769e7f0417491b21e9d

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEhBXCz2L_9gqCB6YdD7RlCaGU-ShEK61LdLT5-3glwn1hd2L4rjvGH5FQulwpvmosl0T8i9D_hu6G45QS9tIHfHb6Ad01EYWQiwJKueqlvUswLWGtQVmLPl15bNIJuOD1Vzicn7KoE-semQXQnFc9KF5a259cIzXH8ykjZ4buseI7bk5lTfOMIQUQ46jxZg/s72-c/230920_Australien-crash_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c921"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230920_Australien-crash_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 2167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxanK6PbvbcBfXj_3agDpheQK89aY23eyT4DZoOUOLTdabpGeH0eCv8mc9dAgW-ydlu_Zl2OqLLrzB0UwDU7lSUZRPRaEcx20-h3EX9TOZyMmiimyRFBHLtnB8fNgwDK0/s113/*

142.250.74.97

200 OK

7184

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxanK6PbvbcBfXj_3agDpheQK89aY23eyT4DZoOUOLTdabpGeH0eCv8mc9dAgW-ydlu_Zl2OqLLrzB0UwDU7lSUZRPRaEcx20-h3EX9TOZyMmiimyRFBHLtnB8fNgwDK0/s113/*
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 108x113, components 3\012- data

Size

7184
Hash

69bded2269646c7dc3b361c3c3abf85d

c448731331f50b548bfefc61b40a0413b9629d31

f361c77a6b0850cbb7bd2391935b7369104213c6fc86181da1dcbfe4798f69a8

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEhxanK6PbvbcBfXj_3agDpheQK89aY23eyT4DZoOUOLTdabpGeH0eCv8mc9dAgW-ydlu_Zl2OqLLrzB0UwDU7lSUZRPRaEcx20-h3EX9TOZyMmiimyRFBHLtnB8fNgwDK0/s113/* HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v310e"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="*.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 7184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2.bp.blogspot.com/-uV9iYfIRQkk/Wn3VvQ067TI/AAAAAAAA3Zw/6VeUnHGnbCULhXzaiRvtAUha3btA7xzEACLcBGAs/s1600/Gyrocopter-girl-Cornelia-Haydinjak_.jpg

142.250.74.161

200 OK

143415

URL GET HTTP/2

2.bp.blogspot.com/-uV9iYfIRQkk/Wn3VvQ067TI/AAAAAAAA3Zw/6VeUnHGnbCULhXzaiRvtAUha3btA7xzEACLcBGAs/s1600/Gyrocopter-girl-Cornelia-Haydinjak_.jpg
IP

142.250.74.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 397x478, components 3\012- data

Size

143415
Hash

892d4d9c83aeceb311a30de519467631

10a40ccd0dcc1a8dd1cd855f92e4bcde94f4c8e1

a46ce0ad04cd37319475aa43c60fee51d99139a771e6b239d5e2478a99cb927b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /-uV9iYfIRQkk/Wn3VvQ067TI/AAAAAAAA3Zw/6VeUnHGnbCULhXzaiRvtAUha3btA7xzEACLcBGAs/s1600/Gyrocopter-girl-Cornelia-Haydinjak_.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vdd9d"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Gyrocopter-girl-Cornelia-Haydinjak_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 143415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_oLIh-KS3zUKZozm3aaAEXdS3UDYredKy6pHkI_ve0J4S_4jOF_YJNw51i3Eyftoc-VU2uwkEfzijozJUfk_FF7mPEf8sNhfbQpvIwz4WuLhFkf9kT9ET195NyrNkE_iclPuVQ2cz134iB3oamaJJya4rJkQF07jOVP0kaPkfivCQDMJaV4kOQLjh2wnP/s72-c/230904_Mexico-crash_1_.jpg

142.250.74.97

200 OK

3880

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_oLIh-KS3zUKZozm3aaAEXdS3UDYredKy6pHkI_ve0J4S_4jOF_YJNw51i3Eyftoc-VU2uwkEfzijozJUfk_FF7mPEf8sNhfbQpvIwz4WuLhFkf9kT9ET195NyrNkE_iclPuVQ2cz134iB3oamaJJya4rJkQF07jOVP0kaPkfivCQDMJaV4kOQLjh2wnP/s72-c/230904_Mexico-crash_1_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

3880
Hash

915a48206067ece36d8fd38c95592c82

be9dea4da6cfd16a7e33017ca530464c24f0c07c

67e320d0bf798c593971a91f4f22f1b4195107d68e8bedb9e7d2984813e27d4a

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEi_oLIh-KS3zUKZozm3aaAEXdS3UDYredKy6pHkI_ve0J4S_4jOF_YJNw51i3Eyftoc-VU2uwkEfzijozJUfk_FF7mPEf8sNhfbQpvIwz4WuLhFkf9kT9ET195NyrNkE_iclPuVQ2cz134iB3oamaJJya4rJkQF07jOVP0kaPkfivCQDMJaV4kOQLjh2wnP/s72-c/230904_Mexico-crash_1_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c755"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230904_Mexico-crash_1_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 3880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU-yprlFIc2DzowxdMap69QxGf731CadtxdQ5jvIZ6ZqGMXsUh8VcVTNvk8qcKxFvHAghnDoiAXpqSKLhcnBNSninttvKjIArxSrLCaJPNuQDRFJ29F2Vn7OhptgKzDsadC0KlVV92EE_UFmB5i74rMBmdUCR1hrB4Kn61VjHcnbm9bznSBLTs5xak/s72-c/2009_Archer_.jpg

142.250.74.97

200 OK

2206

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU-yprlFIc2DzowxdMap69QxGf731CadtxdQ5jvIZ6ZqGMXsUh8VcVTNvk8qcKxFvHAghnDoiAXpqSKLhcnBNSninttvKjIArxSrLCaJPNuQDRFJ29F2Vn7OhptgKzDsadC0KlVV92EE_UFmB5i74rMBmdUCR1hrB4Kn61VjHcnbm9bznSBLTs5xak/s72-c/2009_Archer_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

2206
Hash

3a63f0ba697cc731e56f63fa49c60715

8ce27d9d977b15118fd13890f5ecda919102548d

5826a19675dd8815944ca74a4a49b6f0f76835241603c80af820b40b6efd4644

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEiU-yprlFIc2DzowxdMap69QxGf731CadtxdQ5jvIZ6ZqGMXsUh8VcVTNvk8qcKxFvHAghnDoiAXpqSKLhcnBNSninttvKjIArxSrLCaJPNuQDRFJ29F2Vn7OhptgKzDsadC0KlVV92EE_UFmB5i74rMBmdUCR1hrB4Kn61VjHcnbm9bznSBLTs5xak/s72-c/2009_Archer_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v28f3d"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2009_Archer_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 2206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e5f9f802e548a076e6066ecff6aa5bbb

fb8dfabace38ae24e462d84eddc3d25b48b23a20

20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPway62JqU4PLx4c7ulMzeFsBKqox0WdgoLkT_dUTMjP-qs5j6Wvt9idydd4sJuHDcWaXhnSJJ2-eo3GfWJ6meAzI_QX5S7FJbT7rcOA01awj6BJ_llXZ68WMqoIxSP4NkNg_35wtJFnSfYs7uMuH-XAtnoDpxvS6Y5jtCRjDdAUkINwGMvttFmPJg/s72-c/Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg

142.250.74.97

200 OK

2764

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPway62JqU4PLx4c7ulMzeFsBKqox0WdgoLkT_dUTMjP-qs5j6Wvt9idydd4sJuHDcWaXhnSJJ2-eo3GfWJ6meAzI_QX5S7FJbT7rcOA01awj6BJ_llXZ68WMqoIxSP4NkNg_35wtJFnSfYs7uMuH-XAtnoDpxvS6Y5jtCRjDdAUkINwGMvttFmPJg/s72-c/Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

2764
Hash

566d3ebce1eca760889ee73128e2848f

85687534b98d8b15db926229b69995e1b4826dfd

a9c395b2b729aeda592196bf1066e190a1d10f61441bbda2d9ee64b98aa9d8a9

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEgPway62JqU4PLx4c7ulMzeFsBKqox0WdgoLkT_dUTMjP-qs5j6Wvt9idydd4sJuHDcWaXhnSJJ2-eo3GfWJ6meAzI_QX5S7FJbT7rcOA01awj6BJ_llXZ68WMqoIxSP4NkNg_35wtJFnSfYs7uMuH-XAtnoDpxvS6Y5jtCRjDdAUkINwGMvttFmPJg/s72-c/Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v29572"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Der-Hubschrauber-Noten-beide-Bla_tter_.jpg";filename*=UTF-8''Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 2764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPopfb2k6EcSKj5odjjgwKig11f4JonO1o2h9W34cxoj4OdNod3HwpTDQqlzhwOloDnfP-Tqw6gc_6zIL-VgUq_J1OggrRqBD5qk2lcbpoojycPesqaaOQ1af2Zp0MmOFUTQs_PLlrrYBEg9AghphrhiP3PcTRyh7JoGKjrNK3LNOcdX5j1x1Z6ni9vODt/s72-c/2021-7_Airforces-B505-Jamaica_.jpg

142.250.74.97

200 OK

4100

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPopfb2k6EcSKj5odjjgwKig11f4JonO1o2h9W34cxoj4OdNod3HwpTDQqlzhwOloDnfP-Tqw6gc_6zIL-VgUq_J1OggrRqBD5qk2lcbpoojycPesqaaOQ1af2Zp0MmOFUTQs_PLlrrYBEg9AghphrhiP3PcTRyh7JoGKjrNK3LNOcdX5j1x1Z6ni9vODt/s72-c/2021-7_Airforces-B505-Jamaica_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

4100
Hash

fe97be119204ccf8006121fb226eb484

949b46653a3f06ad16029eba9fc59d1a50c7a4e3

49e084945cc9ee9bbb861586b1391c81d6b34fcd4bbd29fef4dcc8b8b8ebae72

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEiPopfb2k6EcSKj5odjjgwKig11f4JonO1o2h9W34cxoj4OdNod3HwpTDQqlzhwOloDnfP-Tqw6gc_6zIL-VgUq_J1OggrRqBD5qk2lcbpoojycPesqaaOQ1af2Zp0MmOFUTQs_PLlrrYBEg9AghphrhiP3PcTRyh7JoGKjrNK3LNOcdX5j1x1Z6ni9vODt/s72-c/2021-7_Airforces-B505-Jamaica_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c7a0"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2021-7_Airforces-B505-Jamaica_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 4100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWUmv20vJErlUs5Oe--UboVV6HMxCvdYsTuWsCpVkFjRMxqvHSpVtCs6od14ALnlEG4YqHZRVAerVeCugEpLZhx9_vBsxeNimDTAv-A4YYrHcrqKSKTEWzi2CqN0zU0dBid5nBBY7zBNVLqjCxpLZjZt_TV6LPMJK_VecfGTQ16uq7AoGF_jD6PJuJgKc/s72-c/230814_Mannheim_x_.jpg

142.250.74.97

200 OK

1432

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWUmv20vJErlUs5Oe--UboVV6HMxCvdYsTuWsCpVkFjRMxqvHSpVtCs6od14ALnlEG4YqHZRVAerVeCugEpLZhx9_vBsxeNimDTAv-A4YYrHcrqKSKTEWzi2CqN0zU0dBid5nBBY7zBNVLqjCxpLZjZt_TV6LPMJK_VecfGTQ16uq7AoGF_jD6PJuJgKc/s72-c/230814_Mannheim_x_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

1432
Hash

6074de06e76f44dd7242c50dd3e7d232

21f161cec356255b36e9f3c4aad456d2abcfe222

ee931defa031b56f8a78ba8fdb59cf3843b7661d7e184430bb9ab6ae4711dac2

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEgWUmv20vJErlUs5Oe--UboVV6HMxCvdYsTuWsCpVkFjRMxqvHSpVtCs6od14ALnlEG4YqHZRVAerVeCugEpLZhx9_vBsxeNimDTAv-A4YYrHcrqKSKTEWzi2CqN0zU0dBid5nBBY7zBNVLqjCxpLZjZt_TV6LPMJK_VecfGTQ16uq7AoGF_jD6PJuJgKc/s72-c/230814_Mannheim_x_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c075"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230814_Mannheim_x_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 1432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilc9ntPFrdlCYS9Ajl1cUNfOwjKxNSQ2KQvZO5bwGZyr41BvgONP6nswCrigC-eIOa1Xvd3nom1-5fDoyWgq-0ZUERtGekQ_Z1GlzKBY0ZKbNczFVmatRAnl9Dad4SaK3UmHW43XBIqGGZNwNxYkIbr3bt3BToEHtSR8fQekmdQwRg2vCfQwVC7pbi/s72-c/ded_moroz-winterpause_.jpg

142.250.74.97

200 OK

4404

URL GET HTTP/2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilc9ntPFrdlCYS9Ajl1cUNfOwjKxNSQ2KQvZO5bwGZyr41BvgONP6nswCrigC-eIOa1Xvd3nom1-5fDoyWgq-0ZUERtGekQ_Z1GlzKBY0ZKbNczFVmatRAnl9Dad4SaK3UmHW43XBIqGGZNwNxYkIbr3bt3BToEHtSR8fQekmdQwRg2vCfQwVC7pbi/s72-c/ded_moroz-winterpause_.jpg
IP

142.250.74.97:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.googleusercontent.com

Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5

ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data

Size

4404
Hash

5c2f38faa139dec1d3efa4297d44c6af

e733612508a14278529558d6eba99663350b998f

55720528aff4fcf72b06172f9906a922e99bbe51d5ab6b6a89995277f15e2d59

HTTP Headers

                                        GET /img/b/R29vZ2xl/AVvXsEilc9ntPFrdlCYS9Ajl1cUNfOwjKxNSQ2KQvZO5bwGZyr41BvgONP6nswCrigC-eIOa1Xvd3nom1-5fDoyWgq-0ZUERtGekQ_Z1GlzKBY0ZKbNczFVmatRAnl9Dad4SaK3UmHW43XBIqGGZNwNxYkIbr3bt3BToEHtSR8fQekmdQwRg2vCfQwVC7pbi/s72-c/ded_moroz-winterpause_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2897d"
expires: Wed, 27 Sep 2023 10:16:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ded_moroz-winterpause_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:26 GMT
server: fife
content-length: 4404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

86f13e0e5bd629070766ef73e2a67867

ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d

3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

e5f9f802e548a076e6066ecff6aa5bbb

fb8dfabace38ae24e462d84eddc3d25b48b23a20

20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css

142.250.74.35

200 OK

3960

URL GET HTTP/3

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27

ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

Magic

ASCII text, with very long lines (20367), with no line terminators

Size

3960
Hash

72d3a735ccca1027f6b3afba2c93e3a7

67f8eff8d17334c59c28fc1753bf451527c7490d

c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

                                        GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 18:36:14 GMT
expires: Fri, 20 Sep 2024 18:36:14 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 402016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

ca3afb7df10c01fb4a7514ea3f1493e1

7b234d99c8683384c389995c31d4b60b65ae8c53

d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main

142.250.74.170

200 OK

78266

URL GET HTTP/2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main
IP

142.250.74.170:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49

ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

Magic

ASCII text, with very long lines (1660)

Size

78266
Hash

9a386a5bf33261ce082029ac77df052f

5266e7bcc00fa4fde5ce260d37d6fd98bde28bf0

01d82e2af447877a0c7e89bbc9cc2cc5039ffa9be7495b210de073bbcd6957c5

HTTP Headers

                                        GET /_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 78266
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 19:06:25 GMT
expires: Tue, 24 Sep 2024 19:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 23 Sep 2023 03:10:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

helikopterhysteriezwo.blogspot.com/2023/09/crashes-3141.html?dynamicviews=1&v=0

172.217.21.161

200 OK

6219

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/2023/09/crashes-3141.html?dynamicviews=1&v=0
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7325)

Size

6219
Hash

bbf0a1615459fe4f71102931a5e77116

ebab199be9b1628ddfa099988952dab2d59f08b8

e4723035939a1ad9bb51e57b79c65add27e6705a8129eb8effa9bb1ae0f02e1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /2023/09/crashes-3141.html?dynamicviews=1&v=0 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:30 GMT
date: Tue, 26 Sep 2023 10:16:30 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: W/"f15c52cef1660e171277f2da5da84a8e5f49d6250c3beb6d91a6a8e78ef397c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 6219
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

ca3afb7df10c01fb4a7514ea3f1493e1

7b234d99c8683384c389995c31d4b60b65ae8c53

d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

helikopterhysteriezwo.blogspot.com/feeds/2554180235786207917/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true

172.217.21.161

200 OK

874

URL GET HTTP/3

helikopterhysteriezwo.blogspot.com/feeds/2554180235786207917/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true
IP

172.217.21.161:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subjectmisc-sni.blogspot.com

Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84

ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

Magic

JSON data\012- , Unicode text, UTF-8 text, with very long lines (1612), with no line terminators

Size

874
Hash

b8dc8d04e975f34d9be26ffebcece941

fe4ece61c6ff7725ee8e187e452bab96443dc935

c6c6245dfdf492c804a97d6442ff7674e35141754b987b7ba0b6a77646c1ec8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

                                        GET /feeds/2554180235786207917/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"9e370786040301fe187b0e376896d39c19ccf8421770d04b6ebdb4257edf388b"
date: Tue, 26 Sep 2023 10:16:31 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Tue, 26 Sep 2023 10:16:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 15:00:59 GMT
content-encoding: gzip
content-length: 874
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.35

200 OK

910

URL GET HTTP/3

www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27

ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

Magic

PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data

Size

910
Hash

efa6bb2bfe459bc6f4bdafa3db0383f6

52d15ce52fe50643e542c17812de43f4ed1b6ee0

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

                                        GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 19:05:11 GMT
expires: Tue, 24 Sep 2024 19:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
age: 54680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1842

URL GET HTTP/3

www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27

ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

Magic

PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data

Size

1842
Hash

c69c796362406f9e11c7f4bf5bb628da

e489ce95ab56208090868882113d7416abf46775

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

                                        GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 14:17:19 GMT
expires: Tue, 24 Sep 2024 14:17:19 GMT
cache-control: public, max-age=31536000
age: 71952
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

142.250.74.163

200 OK

3340

URL GET HTTP/2

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP

142.250.74.163:443
ASN

#15169 GOOGLE

Requested by

https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27

ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

#1 JS:Script (size: 36956)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#2 JS:Script (size: 10738)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#3 JS:Script (size: 27)

Introduced by

Inline HTML

Observations

Hash

#4 JS:Script (size: 399248)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#5 JS:Script (size: 275)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#6 JS:Script (size: 222336)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#7 JS:Script (size: 160393)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash