Report - helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html

Report Overview

Visited public
2023-09-26 10:16:41
Tags
Submit Tags
URL
helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Finishing URL
helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
IP / ASN
172.217.21.161
#15169 GOOGLE
Title
The female of the species (54) – Cornelia Hajdinyak (Gyrocopter girl) (3) | Helikopter Hysterie ZWO – Das Hubschrauberblog des Heinrich Dubel

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
blogger.googleusercontent.com	16485	2008-11-17	2012-05-25 19:41:01	2023-09-25 21:07:25	9.0 kB	813 kB	142.250.74.97
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04 07:37:42	2023-09-26 00:14:59	550 B	2.3 kB	142.250.74.170
translate.google.com	1156	1997-09-15	2012-05-30 03:30:32	2023-09-25 18:12:47	972 B	89 kB	216.58.211.14
www.blogblog.com	28878	2000-09-15	2012-05-22 09:35:04	2023-09-25 22:50:04	1.8 kB	270 kB	216.58.207.233
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-09-26 00:10:21	2.1 kB	9.8 kB	142.250.74.35
i9.ytimg.com	2370	2007-12-11	2017-01-30 06:14:04	2023-09-24 01:47:46	511 B	8.4 kB	172.217.21.174
1.bp.blogspot.com	8403	2000-07-31	2012-05-21 15:44:19	2023-09-25 18:42:06	1.1 kB	8.1 kB	142.250.74.161
2.bp.blogspot.com	11071	2000-07-31	2012-05-21 15:44:19	2023-09-25 21:26:49	571 B	144 kB	142.250.74.161
translate.googleapis.com	1005	2005-01-25	2012-05-31 09:21:21	2023-09-26 00:23:57	547 B	79 kB	142.250.74.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-25 22:05:36	473 B	4.2 kB	142.250.74.163
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-25 18:12:03	7.3 kB	15 kB	142.250.74.131
helikopterhysteriezwo.blogspot.com	unknown	2000-07-31	2015-01-09 22:58:08	2023-07-21 13:01:09	11 kB	351 kB	172.217.21.161
www.blogger.com	8975	1999-06-22	2012-05-22 09:35:03	2023-09-25 18:32:09	4.3 kB	188 kB	216.58.207.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	bp.blogspot.com	Sinkholed
2023-09-26	medium	bp.blogspot.com	Sinkholed
2023-09-26	medium	bp.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed
2023-09-26	medium	helikopterhysteriezwo.blogspot.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	www.blogger.com/static/v1/jsbin/3660368207-video_compiled.js	ScriptElement	37 kB	2023-09-09	2023-10-15
Pretty URL www.blogger.com/static/v1/jsbin/3660368207-video_compiled.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 08:42 Last Seen2023-10-15 17:54 Times Seen47 Hash 462d2d7993d356cd5a315e818b8d4aab b856e00bba27dc08d1403638b03f16af701db368 16f4b7ec27cf93ac62210a53f51152749dcfd31b5a08deb45f8848b30f50848e Loading...

	www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js	ScriptElement	11 kB	2023-09-26	2023-09-26
Pretty URL www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 12:16 Last Seen2023-09-26 12:16 Times Seen1 Hash f95bce7239551cc0bec3333f86620fe4 bab24f3d952dd94b423f5e50777ec14761873d8c f6e319d786203b86a4ed6103ba318dc66e9c2410794adf27000c222e9e7ed73f Loading...

	unknown	EventHandler	27 B	2023-04-10	2025-07-15
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:53 Last Seen2025-07-15 19:55 Times Seen27618 Hash 7688ca9eb3ca1c878821b1e3fe2c23d7 2c41fd7e9f8312d6fed18b21e1a0589413e35553 793bae9539499e6e02187febbd2e20fd17dd40260033f5175dbfc2f294440d9a Loading...

	www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js	ScriptElement	399 kB	2023-03-07	2025-07-14
Pretty URL www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-07-14 20:41 Times Seen350 Hash f7c41bb3b904cbcc49ba53232535e983 dc873d1f036da0b53b011a5046a23d258b5a5bd2 266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a Loading...

	helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html	ScriptElement	275 B	2023-03-07	2025-07-15
Pretty URL helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-07-15 19:28 Times Seen41623 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main	ScriptElement	222 kB	2023-09-25	2023-11-10
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 23:48 Last Seen2023-11-10 11:33 Times Seen181 Hash 9a386a5bf33261ce082029ac77df052f 5266e7bcc00fa4fde5ce260d37d6fd98bde28bf0 01d82e2af447877a0c7e89bbc9cc2cc5039ffa9be7495b210de073bbcd6957c5 Loading...

	www.blogger.com/static/v1/widgets/562952797-widgets.js	ScriptElement	160 kB	2023-09-20	2025-01-31
Pretty URL www.blogger.com/static/v1/widgets/562952797-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 04:35 Last Seen2025-01-31 05:40 Times Seen1951 Hash 0804e4c7fd72aea2ce34a04d9ec9686c 9f46bef1076230a1271d151a506fd1d91ae7df93 5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c Loading...

	helikopterhysteriezwo.blogspot.com/js/cookienotice.js	ScriptElement	6.5 kB	2023-03-07	2025-07-15
Pretty URL helikopterhysteriezwo.blogspot.com/js/cookienotice.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-15 19:28 Times Seen48122 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	helikopterhysteriezwo.blogspot.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_conf	ScriptElement	87 kB	2023-09-26	2023-09-26
Pretty URL helikopterhysteriezwo.blogspot.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 12:16 Last Seen2023-09-26 12:16 Times Seen1 Hash f1e6cdf34194bb2d9c90a8131ddf8998 dbf52fb0815576278c4b7708897e94f458f5b3ab 924f0499a13d24cea82cab151de1e285f1773ba39a70eec0ed4b9f3da93e3ef5 Loading...

	unknown	ScriptElement	30 B	2023-03-07	2025-07-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39 Last Seen2025-07-14 20:41 Times Seen199 Hash 1aeec5a0e61edb88f215e4026d0cc0a3 55849bfff96d0f7c671b5185f32ab0c37792b018 40f60945a2c55a703fba54c6cc24bf3c6cc372e4ddd73c9de9488f3109ce32d5 Loading...

	www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/classic.js	ScriptElement	119 kB	2023-06-16	2025-01-02
Pretty URL www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/classic.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-16 15:21 Last Seen2025-01-02 12:17 Times Seen82 Hash 5b7fef569cfb882f2bdfb04bc6e68159 b875796883441cbb3e16a5442796385730d384a9 5f79da1ace2e184424ea4cd11c9282617276ed2d59e657547d92e36650ef6947 Loading...

	helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html	ScriptElement	98 B	2023-03-07	2025-07-14
Pretty URL helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:39 Last Seen2025-07-14 20:41 Times Seen181 Hash 8c613ac2bea8d59b240d1ec458d0ad3b 0b196b824cb99c5c6f4d766e67ae21b335fcc7de f684224797e92564f8b326674392f29bce94f822aa8733f508a736b2b84b562e Loading...

	helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html	ScriptElement	789 B	2023-03-07	2024-08-21
Pretty URL helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2024-08-21 09:44 Times Seen17283 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ	ScriptElement	0 B	0001-01-01	2025-07-15
Pretty URL www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-15 20:51 Times Seen5431142 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/common.js	ScriptElement	292 kB	2023-09-15	2023-09-26
Pretty URL www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/common.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-15 21:28 Last Seen2023-09-26 13:30 Times Seen44 Hash 8181c57cf53a7bb64a296776d1c0075d b6fdd2b12383870030f40a4f60b9d557568b6358 a2420ee0e5343baafbdaad9c7585afbcb2d51af564ff3661b2f1df1e7cc6a30f Loading...

	helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html	ScriptElement	19 kB	2024-08-21	2024-08-21
Pretty URL helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash 03569480379a304630180a20bc3aab22 8a7f56f61c97b6e983e2ef634a661d06c809855b 0838843f3c756bc76f4752cf5ddd005c70fcf0a3c4a8aa6a7e3600fafc4dfdef Loading...

		Size	First Seen	Last Seen
	#1 Eval - 3ceab58bd76c10c0b7eb0d8b43e2ae47	91 B	2024-08-21 05:44	2024-08-21 05:44
Pretty Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash 3ceab58bd76c10c0b7eb0d8b43e2ae47 7c4d03415942b3dcf341ec172a286a937e475340 31aba677287698374c957b6fbb22d8f4d23dc0c69847ad12b0b1211be8fd8787 Loading...

	#2 Eval - acec8d7745772fa4933389741817c6e8	686 B	2024-08-21 05:44	2024-08-21 05:44
Pretty Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash acec8d7745772fa4933389741817c6e8 fc5544f569dd73615d04360ec28b89ef0b37a8a1 c8c0f2984b8315221ad0ff187f348965f91c505bd9325ffe722556c3c7b0ca56 Loading...

	#3 Eval - adba2f02b31777dd9e0ab9ca2df0cd6a	1.1 MB	2024-08-21 05:44	2024-08-21 05:44
Pretty Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash adba2f02b31777dd9e0ab9ca2df0cd6a 4628ca5ca26fa03012e885cbbcc7d136f8abf760 2f89d3e45d6f1a510f483511f131a032ac9af9a5d55d098ce7d8ca0c2ce65af3 Loading...

	#4 Eval - 2ef3dffdc309693dbdd737e9503a607e	240 B	2024-08-21 05:44	2024-08-21 05:44
Pretty Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash 2ef3dffdc309693dbdd737e9503a607e 2d9d5a35dff8db6b4b2e246e95f60108c3d3d64a 989bd0bb298f546c32019ebae664eba756aad9269958ffdd028d6fb35bcf6994 Loading...

	#5 Eval - cf4744fb4d85884f5456787b481854c9	9.1 kB	2024-08-21 05:44	2024-08-21 05:44
Pretty Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash cf4744fb4d85884f5456787b481854c9 b8af6dcb726633fec2a61ab4d764b3aa11934e16 d5a70311c6d56c5aed70b4b270edb2db142f5a61c73a12e62610a0c80290ea64 Loading...

	#6 Eval - 2e09957d6a1f88bc36cb63a97473f5f4	43 kB	2024-08-21 05:44	2024-08-21 05:44
Pretty Observations First Seen2024-08-21 05:44 Last Seen2024-08-21 05:44 Times Seen1 Hash 2e09957d6a1f88bc36cb63a97473f5f4 c39d3b394e50933f1b7dd63c042d87c44c56f197 cf037127e368d781d9116d308c8c5669d8333dada9e78fd2ade38b1195b76f63 Loading...

		Size	First Seen	Last Seen
	#1 Write - e23619437a3089cc3ac7c9f8ee305e13	44 B	2023-03-07 01:39	2025-07-14 20:41
Pretty Observations First Seen2023-03-07 01:39 Last Seen2025-07-14 20:41 Times Seen216 Hash e23619437a3089cc3ac7c9f8ee305e13 5692dc207a6b114b15c8efb5cf5cbc926de3330d adaee92714de3cc13afede8329494a8a43c1c485e94aadf139f3548682aade83 Loading...

	#2 Write - b6f09a82fb7cad9c1cf809ae0ed3a8b9	3.0 kB	2023-07-17 22:34	2024-08-21 09:44
Pretty Observations First Seen2023-07-17 22:34 Last Seen2024-08-21 09:44 Times Seen1028 Hash b6f09a82fb7cad9c1cf809ae0ed3a8b9 b66d65e2d066ff41263225a21dc19774c975af36 05d15c187b78de98e96fae7069b8c928850624e114d793a56638b36a71875652 Loading...

HTTP Transactions (79)

URL IP Response Size

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
edb0c213685c28c266c093ac59c369b0
e0841c1928ee05cb6b2e1394c51ee33b51095d06
0224d0e9559dee969f319bbc8cb3def81a2d418d9f2ba72d60cd6830d1e6dee2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html

172.217.21.161

200 OK

8.8 kB

URL User Request GET HTTP/2
helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14041)
Size
8.8 kB (8760 bytes)
Hash
5f05ef149a013a1bdfa2e8900c89aad9
338a3659a45aea2d21cf639a25bcf0fa0ea2ef43
f3a91f3b7443f51f9717d51f4c8ad0cf262e6dc533c860c7513094849009acbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2018/02/the-female-of-species-54-cornelia.html HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:21 GMT
date: Tue, 26 Sep 2023 10:16:21 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: W/"f15c52cef1660e171277f2da5da84a8e5f49d6250c3beb6d91a6a8e78ef397c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 8760
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
edb0c213685c28c266c093ac59c369b0
e0841c1928ee05cb6b2e1394c51ee33b51095d06
0224d0e9559dee969f319bbc8cb3def81a2d418d9f2ba72d60cd6830d1e6dee2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET helikopterhysteriezwo.blogspot.com/js/cookienotice.js

172.217.21.161

200 OK

2.0 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/js/cookienotice.js
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Tue, 26 Sep 2023 10:16:21 GMT
expires: Tue, 03 Oct 2023 10:16:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 26 Sep 2023 07:53:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

216.58.207.233

200 OK

7.8 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 20:27:36 GMT
expires: Tue, 24 Sep 2024 20:27:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Sep 2023 11:54:51 GMT
content-type: text/css
vary: Accept-Encoding
age: 49725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/classic.js

216.58.207.233

200 OK

41 kB

URL GET HTTP/2
www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/classic.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (40707 bytes)
Hash
5b7fef569cfb882f2bdfb04bc6e68159
b875796883441cbb3e16a5442796385730d384a9
5f79da1ace2e184424ea4cd11c9282617276ed2d59e657547d92e36650ef6947

HTTP Headers

GET /dynamicviews/9fc060cdf7011fe5/js/classic.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 40707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:14:23 GMT
expires: Fri, 29 Sep 2023 02:14:23 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 04:52:48 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 374518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/common.js

216.58.207.233

200 OK

100 kB

URL GET HTTP/2
www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/common.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (2629)
Size
100 kB (99845 bytes)
Hash
8181c57cf53a7bb64a296776d1c0075d
b6fdd2b12383870030f40a4f60b9d557568b6358
a2420ee0e5343baafbdaad9c7585afbcb2d51af564ff3661b2f1df1e7cc6a30f

HTTP Headers

GET /dynamicviews/9fc060cdf7011fe5/js/common.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 99845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 02:14:23 GMT
expires: Fri, 29 Sep 2023 02:14:23 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 04:52:48 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 374518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js

216.58.207.233

200 OK

4.5 kB

URL GET HTTP/2
www.blogblog.com/dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (929)
Size
4.5 kB (4491 bytes)
Hash
f95bce7239551cc0bec3333f86620fe4
bab24f3d952dd94b423f5e50777ec14761873d8c
f6e319d786203b86a4ed6103ba318dc66e9c2410794adf27000c222e9e7ed73f

HTTP Headers

GET /dynamicviews/9fc060cdf7011fe5/js/languages/lang__de.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 4491
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 00:37:08 GMT
expires: Mon, 02 Oct 2023 00:37:08 GMT
cache-control: public, max-age=604800
last-modified: Thu, 21 Sep 2023 04:52:48 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 121153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js

216.58.207.233

200 OK

122 kB

URL GET HTTP/2
www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document, ASCII text, with very long lines (2028)
Size
122 kB (122175 bytes)
Hash
f7c41bb3b904cbcc49ba53232535e983
dc873d1f036da0b53b011a5046a23d258b5a5bd2
266c8725e6911ff0e2f23572d0ebf1e30c7594e49ea8bed00af914c924fc086a

HTTP Headers

GET /dynamicviews/4224c15c4e7c9321/js/comments.js HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 122175
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:27:56 GMT
expires: Thu, 28 Sep 2023 15:27:56 GMT
cache-control: public, max-age=604800
age: 413305
last-modified: Mon, 14 May 2012 20:21:35 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogger.com/static/v1/widgets/562952797-widgets.js

216.58.207.233

200 OK

160 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/562952797-widgets.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (2215)
Size
160 kB (160393 bytes)
Hash
0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c

HTTP Headers

GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 546871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1a531c4a6f63eec7c47b290aaea56a63
2ab462b13b2696cf0fb363d65c833b7b55e363fb
a36b9f9add0059bf3c5054b2e14d5ddcca528eff04908102701a426d2fa603a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.blogger.com/dyn-css/authorization.css?targetBlogID=1946443303423348198&zx=60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca

216.58.207.233

200 OK

21 B

URL GET HTTP/3
www.blogger.com/dyn-css/authorization.css?targetBlogID=1946443303423348198&zx=60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=1946443303423348198&zx=60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 10:16:22 GMT
last-modified: Tue, 26 Sep 2023 10:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/favicon.ico

172.217.21.161

200 OK

983 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/favicon.ico
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
983 B (983 bytes)
Hash
bb61749e42abdc1c6573bfb9e15ef801
8a2f0fec2274e06ebd5857704e87c75f816b1908
91209d6110796ac1d53fcc20fb20ab09cd21996e6e04cb788beeaebd1e3f6139

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=86400
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: W/"f15c52cef1660e171277f2da5da84a8e5f49d6250c3beb6d91a6a8e78ef397c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 983
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

294 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text
Size
294 B (294 bytes)
Hash
ce9e06d2ce627b44d4bef2f7ccdf36e0
a955b2dc8eb7f471569b26f501812516a9a26f0d
3bcefdf9791be7db76fe9dbc05f7ffb757573a2d418afee0c072e95c56720968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 294
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

191 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text
Size
191 B (191 bytes)
Hash
1f4c731fdd35dd3ccc9ad274567935b4
9157e96b517c12e3887598b8a7c4be187db8b450
a333dc36ed6e795b957a045441cfa50013fa18233f8bd93aecb727025a465eb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 191
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

542 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (724)
Size
542 B (542 bytes)
Hash
4b22ab8b47c2feacb5e31a7e8949f9e8
cdb4abf98122b56b4c273ba005ce9c468a4d3b25
2237a24c68078673698514a2d384ba2949a93e705509570ef479875a6297854f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 542
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

3.4 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (9136)
Size
3.4 kB (3438 bytes)
Hash
1e042b10d37511cc17d4605f50849bb8
1dbb7aaa619555e16bd12c3374e2d45c89869506
7da23b6c1f443954192437ca426de236f187fa5e71ecc7b020db023a55784b73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3438
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

4.7 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (42881)
Size
4.7 kB (4668 bytes)
Hash
ab4ed811804df8ea88fa3271316cee25
85dd86c3062954a1ae0b7368014e843f130e58f7
00336459ff6f80ad499b5bb216a584343a9fbaf72d09eb993a38e3bb31aad22c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/feeds/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true

172.217.21.161

200 OK

92 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/feeds/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65306), with no line terminators
Size
92 kB (92540 bytes)
Hash
0203188d2e801e7f6a6c77ecbe51cbf0
a34590cbf94b8e90682a23798c0c658ea1cbe448
8356fef810b8fbbe738951ed9c16cf5c7b9c3f40aa4db2d6d61b646ada79bd76

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feeds/posts/default?alt=json&v=2&dynamicviews=1&orderby=published&max-results=25&rewriteforssl=true HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"5fbe83f0eb218c101164329c49350d38077f2326467af812e1c37b37c4e0fb25"
date: Tue, 26 Sep 2023 10:16:23 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
content-encoding: gzip
content-length: 92540
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

105 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (65530)
Size
105 kB (104886 bytes)
Hash
a9618ab99a5f5cb8d4824da659c40822
8ad1513ff10d216736bf8eb87df7002c46a29350
74b0b564d0ff40f67031532daa215a2a00132da91875af9dc13a6284e4197e0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 104886
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

294 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text
Size
294 B (294 bytes)
Hash
ce9e06d2ce627b44d4bef2f7ccdf36e0
a955b2dc8eb7f471569b26f501812516a9a26f0d
3bcefdf9791be7db76fe9dbc05f7ffb757573a2d418afee0c072e95c56720968

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Attribution1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:23 GMT
date: Tue, 26 Sep 2023 10:16:23 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 294
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/feeds/posts/default/2554180235786207917?alt=json&v=2&dynamicviews=1&rewriteforssl=true

172.217.21.161

200 OK

1.6 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/feeds/posts/default/2554180235786207917?alt=json&v=2&dynamicviews=1&rewriteforssl=true
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (3962), with no line terminators
Size
1.6 kB (1574 bytes)
Hash
0128cdef0cf02f9d530b0aa834ab7ff0
66488816c78c8dcab4633050a046a9e8bebc8102
4f0591c658a44cff7857d0b21f33f7f563a403d25d9bbaf3342125f537e98c36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feeds/posts/default/2554180235786207917?alt=json&v=2&dynamicviews=1&rewriteforssl=true HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"415059881c94f547108bb05a67a60dccc595de24626c43b89e49f9309a905a33"
date: Tue, 26 Sep 2023 10:16:24 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Tue, 26 Sep 2023 10:16:25 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 01:00:25 GMT
content-encoding: gzip
content-length: 1574
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ

216.58.207.233

200 OK

1.4 kB

URL GET HTTP/3
www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1539)
Size
1.4 kB (1409 bytes)
Hash
7b18e912253999d7973fd9cdbf1357c5
c9b6d55dc06ba22fa7125d508fa365d93465f195
c85ef732947f3ce888c154ab751e6307a718d396b3bbaf64a39518462587c5f0

HTTP Headers

GET /video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: private, max-age=25200
pragma: no-cache
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1409
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

191 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text
Size
191 B (191 bytes)
Hash
1f4c731fdd35dd3ccc9ad274567935b4
9157e96b517c12e3887598b8a7c4be187db8b450
a333dc36ed6e795b957a045441cfa50013fa18233f8bd93aecb727025a465eb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Translate1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 191
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

542 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (724)
Size
542 B (542 bytes)
Hash
4b22ab8b47c2feacb5e31a7e8949f9e8
cdb4abf98122b56b4c273ba005ce9c468a4d3b25
2237a24c68078673698514a2d384ba2949a93e705509570ef479875a6297854f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Profile1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 542
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

3.4 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (9136)
Size
3.4 kB (3438 bytes)
Hash
1e042b10d37511cc17d4605f50849bb8
1dbb7aaa619555e16bd12c3374e2d45c89869506
7da23b6c1f443954192437ca426de236f187fa5e71ecc7b020db023a55784b73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=PopularPosts1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3438
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

4.7 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (42881)
Size
4.7 kB (4668 bytes)
Hash
ab4ed811804df8ea88fa3271316cee25
85dd86c3062954a1ae0b7368014e843f130e58f7
00336459ff6f80ad499b5bb216a584343a9fbaf72d09eb993a38e3bb31aad22c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=BlogArchive1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 4668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.blogger.com/static/v1/jsbin/3660368207-video_compiled.js

216.58.207.233

200 OK

14 kB

URL GET HTTP/3
www.blogger.com/static/v1/jsbin/3660368207-video_compiled.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
ASCII text, with very long lines (2199)
Size
14 kB (13583 bytes)
Hash
462d2d7993d356cd5a315e818b8d4aab
b856e00bba27dc08d1403638b03f16af701db368
16f4b7ec27cf93ac62210a53f51152749dcfd31b5a08deb45f8848b30f50848e

HTTP Headers

GET /static/v1/jsbin/3660368207-video_compiled.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 13583
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 11:23:25 GMT
expires: Wed, 18 Sep 2024 11:23:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Sep 2023 08:53:18 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 600779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.gstatic.com/images/icons/material/system/1x/play_arrow_white_48dp.png

142.250.74.35

200 OK

220 B

URL GET HTTP/2
www.gstatic.com/images/icons/material/system/1x/play_arrow_white_48dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
220 B (220 bytes)
Hash
bbea220e3d4187feca59742dd22e2b27
800f7aea14ae6bb26b4d178af19e2b5fb6700d8a
b0c543456be59cd54e3b13f2fbc2071c25c6f79a6bb45957bbc12e033b55cf06

HTTP Headers

GET /images/icons/material/system/1x/play_arrow_white_48dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 10:33:52 GMT
expires: Sat, 21 Sep 2024 10:33:52 GMT
cache-control: public, max-age=31536000
age: 344552
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815

172.217.21.161

200 OK

105 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
ASCII text, with very long lines (65530)
Size
105 kB (104886 bytes)
Hash
a9618ab99a5f5cb8d4824da659c40822
8ad1513ff10d216736bf8eb87df7002c46a29350
74b0b564d0ff40f67031532daa215a2a00132da91875af9dc13a6284e4197e0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?v=0&action=initial&widgetId=Label1&responseType=js&xssi_token=AOuZoY71yW18tiGZjSCKSjCqimIx2JVNLw%3A1695723380815 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:24 GMT
date: Tue, 26 Sep 2023 10:16:24 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: "60bac9b7-ac2b-47ec-9bf9-5b3e0f3989ca"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 104886
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/img/logo-16.png

216.58.207.233

200 OK

279 B

URL GET HTTP/3
www.blogger.com/img/logo-16.png
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
279 B (279 bytes)
Hash
5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:45:49 GMT
expires: Wed, 27 Sep 2023 02:45:49 GMT
cache-control: public, max-age=604800
last-modified: Tue, 19 Sep 2023 16:55:46 GMT
content-type: image/png
age: 545436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET 1.bp.blogspot.com/-AleG9_0p_fA/X5rXBgZRYuI/AAAAAAABxHQ/if86IkNqkZ0mWSj761_B9NKWUinzGtJbACLcBGAsYHQ/s72-c/Mi-24V%2BHind%2BE-kasachstan_.jpg

142.250.74.161

200 OK

3.7 kB

URL GET HTTP/2
1.bp.blogspot.com/-AleG9_0p_fA/X5rXBgZRYuI/AAAAAAABxHQ/if86IkNqkZ0mWSj761_B9NKWUinzGtJbACLcBGAsYHQ/s72-c/Mi-24V%2BHind%2BE-kasachstan_.jpg
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
3.7 kB (3681 bytes)
Hash
bd2a3c60b61c27c280ebc1c2d13b5957
20dd9e3599f341bf56fd8a22083ba90157d1d152
582cd10a227cf5a41685b6947656d222af51dd88310048659fc47963fb9475be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /-AleG9_0p_fA/X5rXBgZRYuI/AAAAAAABxHQ/if86IkNqkZ0mWSj761_B9NKWUinzGtJbACLcBGAsYHQ/s72-c/Mi-24V%2BHind%2BE-kasachstan_.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Mi-24V Hind E-kasachstan_.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3681
x-xss-protection: 0
date: Tue, 26 Sep 2023 10:16:25 GMT
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1c475"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 1.bp.blogspot.com/-vRvwDUP892A/VqF6x99ounI/AAAAAAAAbA8/XG4VStqXqzE/s72-c/Gyrocopter-girl_.jpg

142.250.74.161

200 OK

3.3 kB

URL GET HTTP/2
1.bp.blogspot.com/-vRvwDUP892A/VqF6x99ounI/AAAAAAAAbA8/XG4VStqXqzE/s72-c/Gyrocopter-girl_.jpg
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
3.3 kB (3331 bytes)
Hash
7fc780f13e321b6fc0e79a40454ec83a
07b33b49ab9cbcdfd61f01af46e165bfe377a1be
4b8aa5895e65d028493d4a549deee7247d7239e217ea78e7a3ebb85c8377deb7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /-vRvwDUP892A/VqF6x99ounI/AAAAAAAAbA8/XG4VStqXqzE/s72-c/Gyrocopter-girl_.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Gyrocopter-girl_.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3331
x-xss-protection: 0
date: Tue, 26 Sep 2023 10:16:25 GMT
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6c10"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET i9.ytimg.com/vi_blogger/6xXazfcz1NU/1.jpg?sqp=CPjeyqgGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3ndsRJZ4r9UFmptUs5Wk9GlwV-b4Q

172.217.21.174

200 OK

7.8 kB

URL GET HTTP/2
i9.ytimg.com/vi_blogger/6xXazfcz1NU/1.jpg?sqp=CPjeyqgGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3ndsRJZ4r9UFmptUs5Wk9GlwV-b4Q
IP
172.217.21.174:443
ASN
#15169 GOOGLE

Requested by
https://www.blogger.com/video.g?token=AD6v5dwxrQlq6znEBSGlo2hyQnwGQjF9C3LhmDGF17hnJgnNAth5aMIl-Ft6jwOYWNFeKFXstjumdFtiXXmlAatWAQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Size
7.8 kB (7757 bytes)
Hash
bf0bf36e83c24fc47bebe8b1c8f47724
7b2ca1500f5b3d129e5df0d00f5693a09b5d7b1f
298a7c293136b86f7314b099de316809101fe916e871b2c8ba9d7ec37281c388

HTTP Headers

GET /vi_blogger/6xXazfcz1NU/1.jpg?sqp=CPjeyqgGGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3ndsRJZ4r9UFmptUs5Wk9GlwV-b4Q HTTP/1.1
Host: i9.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 7757
date: Tue, 26 Sep 2023 10:16:25 GMT
expires: Tue, 26 Sep 2023 10:16:25 GMT
cache-control: private, max-age=300
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXAPAhoHRudUa9B2tF5hvkFd2NNUBK9bsFMLbsULF1bWVeDUGtaVyAJHQtLLsJ8HmK7ndHContbKOMePtOQN-ihf9H_LhGcrVBZ1R8oBZOxzZH8Akq6iS62QG86g1iE5C7cD60U1fnLORetmBEZKMQNHpAStPdhuMJ1fufz_8YBjs0wiEVEoj8QVgMTEGh/s16000/generic-Robinson-crashes_2_.jpg

142.250.74.97

200 OK

175 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXAPAhoHRudUa9B2tF5hvkFd2NNUBK9bsFMLbsULF1bWVeDUGtaVyAJHQtLLsJ8HmK7ndHContbKOMePtOQN-ihf9H_LhGcrVBZ1R8oBZOxzZH8Akq6iS62QG86g1iE5C7cD60U1fnLORetmBEZKMQNHpAStPdhuMJ1fufz_8YBjs0wiEVEoj8QVgMTEGh/s16000/generic-Robinson-crashes_2_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 624x398, components 3\012- data
Size
175 kB (175355 bytes)
Hash
b9239186f3adf76f60a381cbfdd6e79c
021d803544067f06130f10d86c1d4c37d5b98671
a6936332758551e31b053743ec63299332ecc90632a443dd31a8ffb3d34d6e87

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhXAPAhoHRudUa9B2tF5hvkFd2NNUBK9bsFMLbsULF1bWVeDUGtaVyAJHQtLLsJ8HmK7ndHContbKOMePtOQN-ihf9H_LhGcrVBZ1R8oBZOxzZH8Akq6iS62QG86g1iE5C7cD60U1fnLORetmBEZKMQNHpAStPdhuMJ1fufz_8YBjs0wiEVEoj8QVgMTEGh/s16000/generic-Robinson-crashes_2_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f4"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="generic-Robinson-crashes_2_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 175355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5YqZSlGegdIIfUn8p_lYRfjO90a3bcRClftylqkSqm987s157wWkYibsHSUyQ1wqRops9MalUgtfyQIPE5Jodm5WRaM3mG3lEe-ZV6w9qjkPehqbGYTxn6rdG_pJtFSX9JPiCuj_Stdpv7KoZrNlwHhVlaN5iwMeEVHQ9FS9UX-oQ4woCKStGWx1ij2YE/s16000/230922_Louisiana-S-92-wedge_3_.jpg

142.250.74.97

200 OK

151 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5YqZSlGegdIIfUn8p_lYRfjO90a3bcRClftylqkSqm987s157wWkYibsHSUyQ1wqRops9MalUgtfyQIPE5Jodm5WRaM3mG3lEe-ZV6w9qjkPehqbGYTxn6rdG_pJtFSX9JPiCuj_Stdpv7KoZrNlwHhVlaN5iwMeEVHQ9FS9UX-oQ4woCKStGWx1ij2YE/s16000/230922_Louisiana-S-92-wedge_3_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 624x389, components 3\012- data
Size
151 kB (151398 bytes)
Hash
f753f627327a4541465ea716d856a106
cd884fcd207b69ea2b682b14366baf639f4029ce
90f1e5ec0a2e0cdba8a0fcd64b679673ac4792ca6ee2f083f26d6679abfdb061

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEj5YqZSlGegdIIfUn8p_lYRfjO90a3bcRClftylqkSqm987s157wWkYibsHSUyQ1wqRops9MalUgtfyQIPE5Jodm5WRaM3mG3lEe-ZV6w9qjkPehqbGYTxn6rdG_pJtFSX9JPiCuj_Stdpv7KoZrNlwHhVlaN5iwMeEVHQ9FS9UX-oQ4woCKStGWx1ij2YE/s16000/230922_Louisiana-S-92-wedge_3_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f2"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230922_Louisiana-S-92-wedge_3_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 151398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjelwX-ngv8aspS5agkI5w_JS5LQeoflv5KkMN-mCiM9gJbBU15Yj71p3IgTa4SGRT19kogF2zzHJMeu2ofTUEMx9kGev47q7Fo0gw1x2qw6m5hZxc4zkpqFrewpXPlng67C1BxXO9bvJGV4HLwOEpi83x7uni1733kZSXPqqek1MqpkQ3hrScEv05e71nZ/s16000/230922_Louisiana-S-92-wedge_1_.jpg

142.250.74.97

200 OK

218 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjelwX-ngv8aspS5agkI5w_JS5LQeoflv5KkMN-mCiM9gJbBU15Yj71p3IgTa4SGRT19kogF2zzHJMeu2ofTUEMx9kGev47q7Fo0gw1x2qw6m5hZxc4zkpqFrewpXPlng67C1BxXO9bvJGV4HLwOEpi83x7uni1733kZSXPqqek1MqpkQ3hrScEv05e71nZ/s16000/230922_Louisiana-S-92-wedge_1_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 624x468, components 3\012- data
Size
218 kB (217964 bytes)
Hash
d2f0aceec34e4067f5b9fe4c42f3428d
ca83fba985839a3b949929fc6b469d68db0ef636
aaac091db51c13cf016750a75826cd9cd21c8174bb8afc1be31929b4f70aee02

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEjelwX-ngv8aspS5agkI5w_JS5LQeoflv5KkMN-mCiM9gJbBU15Yj71p3IgTa4SGRT19kogF2zzHJMeu2ofTUEMx9kGev47q7Fo0gw1x2qw6m5hZxc4zkpqFrewpXPlng67C1BxXO9bvJGV4HLwOEpi83x7uni1733kZSXPqqek1MqpkQ3hrScEv05e71nZ/s16000/230922_Louisiana-S-92-wedge_1_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f2"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230922_Louisiana-S-92-wedge_1_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 217964
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9SJ-hSaQhydeLEajsbOcS1gWpbDDgJjHLlmKMA5GWOESqoPKr3ESeqciGLilmMwJzwgbDlPoVN1iC_rwb4YfJH8_e_ZdiQLfX34walnCM-F8_tAtzih-yUdInallrvCHdPrUONRzWDtEeMzxdANoVBrq_dJxZg9QdpOgkfbRSOALUgNgDNeBB2uF5a2Tj/s16000/230922_Louisiana-S-92-wedge_2_.jpg

142.250.74.97

200 OK

230 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9SJ-hSaQhydeLEajsbOcS1gWpbDDgJjHLlmKMA5GWOESqoPKr3ESeqciGLilmMwJzwgbDlPoVN1iC_rwb4YfJH8_e_ZdiQLfX34walnCM-F8_tAtzih-yUdInallrvCHdPrUONRzWDtEeMzxdANoVBrq_dJxZg9QdpOgkfbRSOALUgNgDNeBB2uF5a2Tj/s16000/230922_Louisiana-S-92-wedge_2_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], progressive, precision 8, 624x649, components 3\012- data
Size
230 kB (230251 bytes)
Hash
307e6922e43f878aa85ba38470c9c4f7
868187315f7d179f9661ac3ea55135e5eebeb6b2
c5c29cfcb92144ab45daef28d079b977aaf7f991ff0113e46d447bf972963331

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEj9SJ-hSaQhydeLEajsbOcS1gWpbDDgJjHLlmKMA5GWOESqoPKr3ESeqciGLilmMwJzwgbDlPoVN1iC_rwb4YfJH8_e_ZdiQLfX34walnCM-F8_tAtzih-yUdInallrvCHdPrUONRzWDtEeMzxdANoVBrq_dJxZg9QdpOgkfbRSOALUgNgDNeBB2uF5a2Tj/s16000/230922_Louisiana-S-92-wedge_2_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c9f1"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230922_Louisiana-S-92-wedge_2_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 230251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinQm1NuHNdHKcg6B_089cBYcSJuS8v072l69h4YxaML4dJa_O9EG1yn9jcGZDQzFTgQmhuxNhnBzEdTClEWbkesIwLMpRUOdEbzay--vW2EDpX5Feo3gGJ0RlTaxBIA2eU2Fzcd7FnbqNUtxLn8EfPyu7GqZ87h0Xj2csGrpbpOAadobP5RgdpkLTK/s72-c/1910_Wallins_.jpg

142.250.74.97

200 OK

3.2 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinQm1NuHNdHKcg6B_089cBYcSJuS8v072l69h4YxaML4dJa_O9EG1yn9jcGZDQzFTgQmhuxNhnBzEdTClEWbkesIwLMpRUOdEbzay--vW2EDpX5Feo3gGJ0RlTaxBIA2eU2Fzcd7FnbqNUtxLn8EfPyu7GqZ87h0Xj2csGrpbpOAadobP5RgdpkLTK/s72-c/1910_Wallins_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
3.2 kB (3210 bytes)
Hash
277548fd7e0d6cf79ab61b8e73f59c7e
7b507a2d120f6daa857b4054d94d480e7f898826
77f28b8d84579a4388992d27e81f75dc78f49ee08c290e9691056b1b5d337f18

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEinQm1NuHNdHKcg6B_089cBYcSJuS8v072l69h4YxaML4dJa_O9EG1yn9jcGZDQzFTgQmhuxNhnBzEdTClEWbkesIwLMpRUOdEbzay--vW2EDpX5Feo3gGJ0RlTaxBIA2eU2Fzcd7FnbqNUtxLn8EfPyu7GqZ87h0Xj2csGrpbpOAadobP5RgdpkLTK/s72-c/1910_Wallins_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v28f41"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1910_Wallins_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 3210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBXCz2L_9gqCB6YdD7RlCaGU-ShEK61LdLT5-3glwn1hd2L4rjvGH5FQulwpvmosl0T8i9D_hu6G45QS9tIHfHb6Ad01EYWQiwJKueqlvUswLWGtQVmLPl15bNIJuOD1Vzicn7KoE-semQXQnFc9KF5a259cIzXH8ykjZ4buseI7bk5lTfOMIQUQ46jxZg/s72-c/230920_Australien-crash_.jpg

142.250.74.97

200 OK

2.2 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBXCz2L_9gqCB6YdD7RlCaGU-ShEK61LdLT5-3glwn1hd2L4rjvGH5FQulwpvmosl0T8i9D_hu6G45QS9tIHfHb6Ad01EYWQiwJKueqlvUswLWGtQVmLPl15bNIJuOD1Vzicn7KoE-semQXQnFc9KF5a259cIzXH8ykjZ4buseI7bk5lTfOMIQUQ46jxZg/s72-c/230920_Australien-crash_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
2.2 kB (2167 bytes)
Hash
b455deada7b80e2952271e6dd3803ae3
965e5aad410df776a0ede0551b1963c6aabe313b
9ca5ef407cfa5bd6005b7887a3cbad5934b3b82937be4769e7f0417491b21e9d

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhBXCz2L_9gqCB6YdD7RlCaGU-ShEK61LdLT5-3glwn1hd2L4rjvGH5FQulwpvmosl0T8i9D_hu6G45QS9tIHfHb6Ad01EYWQiwJKueqlvUswLWGtQVmLPl15bNIJuOD1Vzicn7KoE-semQXQnFc9KF5a259cIzXH8ykjZ4buseI7bk5lTfOMIQUQ46jxZg/s72-c/230920_Australien-crash_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c921"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230920_Australien-crash_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 2167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxanK6PbvbcBfXj_3agDpheQK89aY23eyT4DZoOUOLTdabpGeH0eCv8mc9dAgW-ydlu_Zl2OqLLrzB0UwDU7lSUZRPRaEcx20-h3EX9TOZyMmiimyRFBHLtnB8fNgwDK0/s113/*

142.250.74.97

200 OK

7.2 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxanK6PbvbcBfXj_3agDpheQK89aY23eyT4DZoOUOLTdabpGeH0eCv8mc9dAgW-ydlu_Zl2OqLLrzB0UwDU7lSUZRPRaEcx20-h3EX9TOZyMmiimyRFBHLtnB8fNgwDK0/s113/*
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 108x113, components 3\012- data
Size
7.2 kB (7184 bytes)
Hash
69bded2269646c7dc3b361c3c3abf85d
c448731331f50b548bfefc61b40a0413b9629d31
f361c77a6b0850cbb7bd2391935b7369104213c6fc86181da1dcbfe4798f69a8

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhxanK6PbvbcBfXj_3agDpheQK89aY23eyT4DZoOUOLTdabpGeH0eCv8mc9dAgW-ydlu_Zl2OqLLrzB0UwDU7lSUZRPRaEcx20-h3EX9TOZyMmiimyRFBHLtnB8fNgwDK0/s113/* HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v310e"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="*.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 7184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET 2.bp.blogspot.com/-uV9iYfIRQkk/Wn3VvQ067TI/AAAAAAAA3Zw/6VeUnHGnbCULhXzaiRvtAUha3btA7xzEACLcBGAs/s1600/Gyrocopter-girl-Cornelia-Haydinjak_.jpg

142.250.74.161

200 OK

143 kB

URL GET HTTP/2
2.bp.blogspot.com/-uV9iYfIRQkk/Wn3VvQ067TI/AAAAAAAA3Zw/6VeUnHGnbCULhXzaiRvtAUha3btA7xzEACLcBGAs/s1600/Gyrocopter-girl-Cornelia-Haydinjak_.jpg
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 397x478, components 3\012- data
Size
143 kB (143415 bytes)
Hash
892d4d9c83aeceb311a30de519467631
10a40ccd0dcc1a8dd1cd855f92e4bcde94f4c8e1
a46ce0ad04cd37319475aa43c60fee51d99139a771e6b239d5e2478a99cb927b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /-uV9iYfIRQkk/Wn3VvQ067TI/AAAAAAAA3Zw/6VeUnHGnbCULhXzaiRvtAUha3btA7xzEACLcBGAs/s1600/Gyrocopter-girl-Cornelia-Haydinjak_.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vdd9d"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Gyrocopter-girl-Cornelia-Haydinjak_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 143415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_oLIh-KS3zUKZozm3aaAEXdS3UDYredKy6pHkI_ve0J4S_4jOF_YJNw51i3Eyftoc-VU2uwkEfzijozJUfk_FF7mPEf8sNhfbQpvIwz4WuLhFkf9kT9ET195NyrNkE_iclPuVQ2cz134iB3oamaJJya4rJkQF07jOVP0kaPkfivCQDMJaV4kOQLjh2wnP/s72-c/230904_Mexico-crash_1_.jpg

142.250.74.97

200 OK

3.9 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_oLIh-KS3zUKZozm3aaAEXdS3UDYredKy6pHkI_ve0J4S_4jOF_YJNw51i3Eyftoc-VU2uwkEfzijozJUfk_FF7mPEf8sNhfbQpvIwz4WuLhFkf9kT9ET195NyrNkE_iclPuVQ2cz134iB3oamaJJya4rJkQF07jOVP0kaPkfivCQDMJaV4kOQLjh2wnP/s72-c/230904_Mexico-crash_1_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
3.9 kB (3880 bytes)
Hash
915a48206067ece36d8fd38c95592c82
be9dea4da6cfd16a7e33017ca530464c24f0c07c
67e320d0bf798c593971a91f4f22f1b4195107d68e8bedb9e7d2984813e27d4a

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEi_oLIh-KS3zUKZozm3aaAEXdS3UDYredKy6pHkI_ve0J4S_4jOF_YJNw51i3Eyftoc-VU2uwkEfzijozJUfk_FF7mPEf8sNhfbQpvIwz4WuLhFkf9kT9ET195NyrNkE_iclPuVQ2cz134iB3oamaJJya4rJkQF07jOVP0kaPkfivCQDMJaV4kOQLjh2wnP/s72-c/230904_Mexico-crash_1_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c755"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230904_Mexico-crash_1_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 3880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU-yprlFIc2DzowxdMap69QxGf731CadtxdQ5jvIZ6ZqGMXsUh8VcVTNvk8qcKxFvHAghnDoiAXpqSKLhcnBNSninttvKjIArxSrLCaJPNuQDRFJ29F2Vn7OhptgKzDsadC0KlVV92EE_UFmB5i74rMBmdUCR1hrB4Kn61VjHcnbm9bznSBLTs5xak/s72-c/2009_Archer_.jpg

142.250.74.97

200 OK

2.2 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU-yprlFIc2DzowxdMap69QxGf731CadtxdQ5jvIZ6ZqGMXsUh8VcVTNvk8qcKxFvHAghnDoiAXpqSKLhcnBNSninttvKjIArxSrLCaJPNuQDRFJ29F2Vn7OhptgKzDsadC0KlVV92EE_UFmB5i74rMBmdUCR1hrB4Kn61VjHcnbm9bznSBLTs5xak/s72-c/2009_Archer_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
2.2 kB (2206 bytes)
Hash
3a63f0ba697cc731e56f63fa49c60715
8ce27d9d977b15118fd13890f5ecda919102548d
5826a19675dd8815944ca74a4a49b6f0f76835241603c80af820b40b6efd4644

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEiU-yprlFIc2DzowxdMap69QxGf731CadtxdQ5jvIZ6ZqGMXsUh8VcVTNvk8qcKxFvHAghnDoiAXpqSKLhcnBNSninttvKjIArxSrLCaJPNuQDRFJ29F2Vn7OhptgKzDsadC0KlVV92EE_UFmB5i74rMBmdUCR1hrB4Kn61VjHcnbm9bznSBLTs5xak/s72-c/2009_Archer_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v28f3d"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2009_Archer_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 2206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPway62JqU4PLx4c7ulMzeFsBKqox0WdgoLkT_dUTMjP-qs5j6Wvt9idydd4sJuHDcWaXhnSJJ2-eo3GfWJ6meAzI_QX5S7FJbT7rcOA01awj6BJ_llXZ68WMqoIxSP4NkNg_35wtJFnSfYs7uMuH-XAtnoDpxvS6Y5jtCRjDdAUkINwGMvttFmPJg/s72-c/Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg

142.250.74.97

200 OK

2.8 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPway62JqU4PLx4c7ulMzeFsBKqox0WdgoLkT_dUTMjP-qs5j6Wvt9idydd4sJuHDcWaXhnSJJ2-eo3GfWJ6meAzI_QX5S7FJbT7rcOA01awj6BJ_llXZ68WMqoIxSP4NkNg_35wtJFnSfYs7uMuH-XAtnoDpxvS6Y5jtCRjDdAUkINwGMvttFmPJg/s72-c/Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
2.8 kB (2764 bytes)
Hash
566d3ebce1eca760889ee73128e2848f
85687534b98d8b15db926229b69995e1b4826dfd
a9c395b2b729aeda592196bf1066e190a1d10f61441bbda2d9ee64b98aa9d8a9

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEgPway62JqU4PLx4c7ulMzeFsBKqox0WdgoLkT_dUTMjP-qs5j6Wvt9idydd4sJuHDcWaXhnSJJ2-eo3GfWJ6meAzI_QX5S7FJbT7rcOA01awj6BJ_llXZ68WMqoIxSP4NkNg_35wtJFnSfYs7uMuH-XAtnoDpxvS6Y5jtCRjDdAUkINwGMvttFmPJg/s72-c/Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v29572"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Der-Hubschrauber-Noten-beide-Bla_tter_.jpg";filename*=UTF-8''Der-Hubschrauber-Noten-beide-Bla%CC%88tter_.jpg
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 2764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPopfb2k6EcSKj5odjjgwKig11f4JonO1o2h9W34cxoj4OdNod3HwpTDQqlzhwOloDnfP-Tqw6gc_6zIL-VgUq_J1OggrRqBD5qk2lcbpoojycPesqaaOQ1af2Zp0MmOFUTQs_PLlrrYBEg9AghphrhiP3PcTRyh7JoGKjrNK3LNOcdX5j1x1Z6ni9vODt/s72-c/2021-7_Airforces-B505-Jamaica_.jpg

142.250.74.97

200 OK

4.1 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPopfb2k6EcSKj5odjjgwKig11f4JonO1o2h9W34cxoj4OdNod3HwpTDQqlzhwOloDnfP-Tqw6gc_6zIL-VgUq_J1OggrRqBD5qk2lcbpoojycPesqaaOQ1af2Zp0MmOFUTQs_PLlrrYBEg9AghphrhiP3PcTRyh7JoGKjrNK3LNOcdX5j1x1Z6ni9vODt/s72-c/2021-7_Airforces-B505-Jamaica_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
4.1 kB (4100 bytes)
Hash
fe97be119204ccf8006121fb226eb484
949b46653a3f06ad16029eba9fc59d1a50c7a4e3
49e084945cc9ee9bbb861586b1391c81d6b34fcd4bbd29fef4dcc8b8b8ebae72

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEiPopfb2k6EcSKj5odjjgwKig11f4JonO1o2h9W34cxoj4OdNod3HwpTDQqlzhwOloDnfP-Tqw6gc_6zIL-VgUq_J1OggrRqBD5qk2lcbpoojycPesqaaOQ1af2Zp0MmOFUTQs_PLlrrYBEg9AghphrhiP3PcTRyh7JoGKjrNK3LNOcdX5j1x1Z6ni9vODt/s72-c/2021-7_Airforces-B505-Jamaica_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c7a0"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2021-7_Airforces-B505-Jamaica_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 4100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWUmv20vJErlUs5Oe--UboVV6HMxCvdYsTuWsCpVkFjRMxqvHSpVtCs6od14ALnlEG4YqHZRVAerVeCugEpLZhx9_vBsxeNimDTAv-A4YYrHcrqKSKTEWzi2CqN0zU0dBid5nBBY7zBNVLqjCxpLZjZt_TV6LPMJK_VecfGTQ16uq7AoGF_jD6PJuJgKc/s72-c/230814_Mannheim_x_.jpg

142.250.74.97

200 OK

1.4 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWUmv20vJErlUs5Oe--UboVV6HMxCvdYsTuWsCpVkFjRMxqvHSpVtCs6od14ALnlEG4YqHZRVAerVeCugEpLZhx9_vBsxeNimDTAv-A4YYrHcrqKSKTEWzi2CqN0zU0dBid5nBBY7zBNVLqjCxpLZjZt_TV6LPMJK_VecfGTQ16uq7AoGF_jD6PJuJgKc/s72-c/230814_Mannheim_x_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
1.4 kB (1432 bytes)
Hash
6074de06e76f44dd7242c50dd3e7d232
21f161cec356255b36e9f3c4aad456d2abcfe222
ee931defa031b56f8a78ba8fdb59cf3843b7661d7e184430bb9ab6ae4711dac2

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEgWUmv20vJErlUs5Oe--UboVV6HMxCvdYsTuWsCpVkFjRMxqvHSpVtCs6od14ALnlEG4YqHZRVAerVeCugEpLZhx9_vBsxeNimDTAv-A4YYrHcrqKSKTEWzi2CqN0zU0dBid5nBBY7zBNVLqjCxpLZjZt_TV6LPMJK_VecfGTQ16uq7AoGF_jD6PJuJgKc/s72-c/230814_Mannheim_x_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2c075"
expires: Wed, 27 Sep 2023 10:16:25 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="230814_Mannheim_x_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:25 GMT
server: fife
content-length: 1432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilc9ntPFrdlCYS9Ajl1cUNfOwjKxNSQ2KQvZO5bwGZyr41BvgONP6nswCrigC-eIOa1Xvd3nom1-5fDoyWgq-0ZUERtGekQ_Z1GlzKBY0ZKbNczFVmatRAnl9Dad4SaK3UmHW43XBIqGGZNwNxYkIbr3bt3BToEHtSR8fQekmdQwRg2vCfQwVC7pbi/s72-c/ded_moroz-winterpause_.jpg

142.250.74.97

200 OK

4.4 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilc9ntPFrdlCYS9Ajl1cUNfOwjKxNSQ2KQvZO5bwGZyr41BvgONP6nswCrigC-eIOa1Xvd3nom1-5fDoyWgq-0ZUERtGekQ_Z1GlzKBY0ZKbNczFVmatRAnl9Dad4SaK3UmHW43XBIqGGZNwNxYkIbr3bt3BToEHtSR8fQekmdQwRg2vCfQwVC7pbi/s72-c/ded_moroz-winterpause_.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size
4.4 kB (4404 bytes)
Hash
5c2f38faa139dec1d3efa4297d44c6af
e733612508a14278529558d6eba99663350b998f
55720528aff4fcf72b06172f9906a922e99bbe51d5ab6b6a89995277f15e2d59

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEilc9ntPFrdlCYS9Ajl1cUNfOwjKxNSQ2KQvZO5bwGZyr41BvgONP6nswCrigC-eIOa1Xvd3nom1-5fDoyWgq-0ZUERtGekQ_Z1GlzKBY0ZKbNczFVmatRAnl9Dad4SaK3UmHW43XBIqGGZNwNxYkIbr3bt3BToEHtSR8fQekmdQwRg2vCfQwVC7pbi/s72-c/ded_moroz-winterpause_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v2897d"
expires: Wed, 27 Sep 2023 10:16:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ded_moroz-winterpause_.jpg"
x-content-type-options: nosniff
date: Tue, 26 Sep 2023 10:16:26 GMT
server: fife
content-length: 4404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86f13e0e5bd629070766ef73e2a67867
ad5b1b8ff0f711e046a0a83a2c9969e92f4eb10d
3d49564d51eb83328222af2ff2787ac9e1a91d06c37aad1ad06a9a977366093e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5f9f802e548a076e6066ecff6aa5bbb
fb8dfabace38ae24e462d84eddc3d25b48b23a20
20dbe13a82e0d8f734ff3b0e89a008ef31f3523d410957da15a9578c0f68afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css

142.250.74.35

200 OK

4.0 kB

URL GET HTTP/3
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 18:36:14 GMT
expires: Fri, 20 Sep 2024 18:36:14 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 402016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main

142.250.74.170

200 OK

78 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text, with very long lines (1660)
Size
78 kB (78266 bytes)
Hash
9a386a5bf33261ce082029ac77df052f
5266e7bcc00fa4fde5ce260d37d6fd98bde28bf0
01d82e2af447877a0c7e89bbc9cc2cc5039ffa9be7495b210de073bbcd6957c5

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.2F63wKe-t30.O/d=1/exm=el_conf/ed=1/rs=AN8SPfor0YpiSyIWQCa_tLwxmE_CZ4q-QA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 78266
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 19:06:25 GMT
expires: Tue, 24 Sep 2024 19:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 23 Sep 2023 03:10:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET helikopterhysteriezwo.blogspot.com/2023/09/crashes-3141.html?dynamicviews=1&v=0

172.217.21.161

200 OK

6.2 kB

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/2023/09/crashes-3141.html?dynamicviews=1&v=0
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7325)
Size
6.2 kB (6219 bytes)
Hash
bbf0a1615459fe4f71102931a5e77116
ebab199be9b1628ddfa099988952dab2d59f08b8
e4723035939a1ad9bb51e57b79c65add27e6705a8129eb8effa9bb1ae0f02e1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2023/09/crashes-3141.html?dynamicviews=1&v=0 HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 26 Sep 2023 10:16:30 GMT
date: Tue, 26 Sep 2023 10:16:30 GMT
cache-control: private, max-age=0
last-modified: Tue, 26 Sep 2023 00:02:05 GMT
etag: W/"f15c52cef1660e171277f2da5da84a8e5f49d6250c3beb6d91a6a8e78ef397c2"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 6219
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 10:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET helikopterhysteriezwo.blogspot.com/feeds/2554180235786207917/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true

172.217.21.161

200 OK

874 B

URL GET HTTP/3
helikopterhysteriezwo.blogspot.com/feeds/2554180235786207917/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (1612), with no line terminators
Size
874 B (874 bytes)
Hash
b8dc8d04e975f34d9be26ffebcece941
fe4ece61c6ff7725ee8e187e452bab96443dc935
c6c6245dfdf492c804a97d6442ff7674e35141754b987b7ba0b6a77646c1ec8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /feeds/2554180235786207917/comments/default?alt=json&v=2&dynamicviews=1&orderby=published&reverse=false&max-results=50&rewriteforssl=true HTTP/1.1
Host: helikopterhysteriezwo.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"9e370786040301fe187b0e376896d39c19ccf8421770d04b6ebdb4257edf388b"
date: Tue, 26 Sep 2023 10:16:31 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Tue, 26 Sep 2023 10:16:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 15:00:59 GMT
content-encoding: gzip
content-length: 874
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

142.250.74.35

200 OK

910 B

URL GET HTTP/3
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
910 B (910 bytes)
Hash
efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 19:05:11 GMT
expires: Tue, 24 Sep 2024 19:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
vary: Origin
age: 54680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/d=0/rs=AN8SPfrtPftKEg7PtUwWauRCo_c976LPSg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 14:17:19 GMT
expires: Tue, 24 Sep 2024 14:17:19 GMT
cache-control: public, max-age=31536000
age: 71952
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

142.250.74.163

200 OK

3.3 kB

URL GET HTTP/2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 03:53:48 GMT
expires: Wed, 25 Sep 2024 03:53:48 GMT
cache-control: public, max-age=31536000
age: 22963
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.170

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 26 Sep 2023 10:16:31 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=G2BXTjcxzpR9ZtmXeQ9hUjQaosMtSf96t_hJY2J8DEoJ0-oJ04Crj2KGpS2t64BwvJCKO4b269UBQyNxkYYkMoCxJA4Qm3_HX8uAiqjr1L_LvlIE2lFxDhgGE_lILem-8arP57k9Cc6kEVGX9Doi-PYnzNRXL6iKM17VJkQWTBo; expires=Wed, 27-Mar-2024 10:16:31 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+239; expires=Thu, 25-Sep-2025 10:16:31 GMT; path=/; domain=.googleapis.com; Secure
expires: Tue, 26 Sep 2023 10:16:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET translate.google.com/gen204?sl=de&nca=te_ap&client=te&logld=vTE_20230924

216.58.211.14

204 No Content

0 B

URL GET HTTP/3
translate.google.com/gen204?sl=de&nca=te_ap&client=te&logld=vTE_20230924
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gen204?sl=de&nca=te_ap&client=te&logld=vTE_20230924 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 10:16:32 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-_om5U0oRduU3l6oSIO0oaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=15.SE=KmxAgcD7hZFZriURgjDT66fxO_2-IvRA2uBmbRBWCri4MB9xIit_wpJle-Rt0M9pi3OYxp2FLXq9Dnh5xE7avuWDw2Mln7QuK3Lsk03oY-ndmz0xxBt0_L5ZQp9odzAjTCE94_C-Jpzb2_3vsuTsO3wVhs-TGyYEElogcz0QQn4; expires=Sat, 26-Oct-2024 02:34:50 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET www.blogger.com/comment/frame/1946443303423348198?hl=de&po=2554180235786207917&lr=

0.0.0.0

0 B

URL GET
www.blogger.com/comment/frame/1946443303423348198?hl=de&po=2554180235786207917&lr=
IP
0.0.0.0:0
ASN
#0

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comment/frame/1946443303423348198?hl=de&po=2554180235786207917&lr= HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

87 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (2450)
Size
87 kB (86895 bytes)
Hash
f1e6cdf34194bb2d9c90a8131ddf8998
dbf52fb0815576278c4b7708897e94f458f5b3ab
924f0499a13d24cea82cab151de1e285f1773ba39a70eec0ed4b9f3da93e3ef5

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 26 Sep 2023 10:16:25 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+352; expires=Thu, 25-Sep-2025 10:16:25 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.blogger.com/comment/frame/1946443303423348198?hl=de&po=2554180235786207917&lr=

0.0.0.0

0 B

URL GET
www.blogger.com/comment/frame/1946443303423348198?hl=de&po=2554180235786207917&lr=
IP
0.0.0.0:0
ASN
#0

Requested by
https://helikopterhysteriezwo.blogspot.com/2018/02/the-female-of-species-54-cornelia.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comment/frame/1946443303423348198?hl=de&po=2554180235786207917&lr= HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://helikopterhysteriezwo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN