Report - crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html

Report Overview

Submitted URL
crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html
IP
142.250.74.161
ASN
#15169 GOOGLE
Submitted
2022-10-06 15:52:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	468 B	8.8 kB	216.58.207.195
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdn.widgetserver.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	9.2 kB	96.126.123.244
www1.widgetserver.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	2.5 kB	99.83.136.84
d38psrni17bvxu.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	633 B	1.5 kB	54.230.245.138
i442.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331 B	57 kB	54.230.111.82
crazy4crafting.blogspot.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	726 B	22 kB	142.250.74.161
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	8.4 kB	142.250.74.3
no-stats3.conveythis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	633 B	15 kB	104.131.110.222
i950.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	16 kB	54.230.111.82
storage.myfreecopyright.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	320 B	507 B	52.92.176.241
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
4.bp.blogspot.com	11215	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	743 B	74 kB	142.250.74.161
www.maploco.com	960485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	307 B	655 B	69.16.219.69
i540.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	16 kB	54.230.111.17
resources.blogblog.com	13274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.7 kB	216.58.207.201
i102.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	10 kB	54.230.111.17
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	34 kB	142.250.74.74
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.blogger.com	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	71 kB	216.58.207.201
2.bp.blogspot.com	11071	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	735 B	14 kB	142.250.74.161
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	310 B	656 B	216.58.207.194
i839.photobucket.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	66 kB	54.230.111.17
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.65
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	898 B	80 kB	142.250.74.174
1.bp.blogspot.com	8403	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	199 kB	142.250.74.161
3.bp.blogspot.com	11048	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	731 B	9.5 kB	142.250.74.161
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.189.35.180
brigi-jar.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	29 kB	35.170.174.54
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	48 kB	34.120.237.76
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.118
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	28 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	cdn.widgetserver.com/syndication/subscriber/InsertWidget.js	Malware
2022-10-06	medium	cdn.widgetserver.com/	Malware
2022-10-06	medium	cdn.widgetserver.com/mtm/async/.eJxdjEsOwjAMRO-SZYkSFiygiLMgN3XTSPnhmLaAuDsJYsVm9GbG45e4kxO90EIKIFsqViKckJCqmZlzr7UheD4OVSd20arBJ1tyYmVSaMs5Fb5GCFgXZoxqdaNFLkgLUrtpz43BzLVn3FjPHLyEnL0zwC5FvbVkt_2nwZ9vl706SRfAoobFTT9ccciy0923P4r3B_zzRRk:1ogTAV:LmvIi_01uAMUxKZGWqqFvS8KU64/1/0	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs	131 kB	2023-03-07	2023-03-17
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-03-17 17:17:06 Times Seen1 Hash 8c367d9263e0440822e7e28574a782d6 37afed9428bb96e347d49f80f53ac4a5ab8e03d3 47858e4fa55e26f84c8025d699232106abfc921232a6f02edc556e59ce3a855b Loading...

	crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html	1.7 kB	2023-03-08	2023-03-08
Pretty URL crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:30:25 Last Seen2023-03-08 07:30:25 Times Seen1 Hash 8a1fcf4bc468dd400d1a25e767ac17da 24a7757c62078a5a892abbd0836936eae1fe09eb c07fd9c805f013c7fbb37985f586accd433f17f6b9feb593985456b83089d832 Loading...

	crazy4crafting.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-26
Pretty URL crazy4crafting.blogspot.com/js/cookienotice.js IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-26 08:49:27 Times Seen113825 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html	269 B	2023-03-07	2024-04-26
Pretty URL crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-26 08:49:27 Times Seen28067 Hash 6e880fa46f41c3a142b32e22ca7c06a0 cb7725608bf21d4a5fab1e9050328ab9b024d285 95df5b72788a5634d46797321652a339cd37eeba06d33166541e76a0deb42b61 Loading...

	no-stats3.conveythis.com/kern_e2/javascript/e2_1.js	13 kB	2023-03-08	2023-03-08
Pretty URL no-stats3.conveythis.com/kern_e2/javascript/e2_1.js IP 104.131.110.222 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:30:25 Last Seen2023-03-08 07:30:25 Times Seen1 Hash 4b6ad5d9b395d3aa5ed23282e70bfda4 84c5124ccf01d373ed63b7150e9d698703e92915 56100ffcd1a180bd7309a0bbc867d1120b1363d51066585561d3b6d82b17ec73 Loading...

	pagead2.googlesyndication.com/pagead/js/google_top_exp.js	47 B	2023-03-07	2024-04-26
Pretty URL pagead2.googlesyndication.com/pagead/js/google_top_exp.js IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-26 08:49:28 Times Seen48069 Hash 7f5f2be159837d73b72a4b37616bce44 c93d7f25b530b05c26440d3352213b683d03dcc3 ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Loading...

	cdn.widgetserver.com/	6.3 kB	2023-03-08	2023-03-08
Pretty URL cdn.widgetserver.com/ IP 173.255.194.134 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:30:25 Last Seen2023-03-08 07:30:25 Times Seen1 Hash df2921c7b91a25fcaf468e9765c60412 c11a12d725563e242f8f0584140253c0c5739731 708a11295ab387fd2596299ac1f57fa3fb9684502f8780e469631f3c013d5d67 Loading...

	brigi-jar.com/main.js	480 B	2023-03-07	2023-03-17
Pretty URL brigi-jar.com/main.js IP 35.170.174.54 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-03-17 12:43:16 Times Seen1 Hash 91558066fecbfc1f6f77842f6aa85a6c 6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed Loading...

	crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html	275 B	2023-03-07	2024-04-26
Pretty URL crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-26 08:49:27 Times Seen57526 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	www.blogger.com/navbar.g?targetBlogID=4309591811807187501&blogName=Crazy+for+Crafting&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://crazy4crafting.blogspot.com/search&blogLocale=en&v=2&homepageUrl=crazy4crafting.blogspot.com/&targetPostID=6677769077248755706&blogPostOrPageUrl=crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html&vt=-634725968179137661&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fcrazy4crafting.blogspot.com&pfname=&rpctoken=31417143	184 B	2023-03-07	2023-04-05
Pretty URL www.blogger.com/navbar.g?targetBlogID=4309591811807187501&blogName=Crazy+for+Crafting&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://crazy4crafting.blogspot.com/search&blogLocale=en&v=2&homepageUrl=crazy4crafting.blogspot.com/&targetPostID=6677769077248755706&blogPostOrPageUrl=crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html&vt=-634725968179137661&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fcrazy4crafting.blogspot.com&pfname=&rpctoken=31417143 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-04-05 02:12:11 Times Seen6539 Hash 55222ba6bc3c6d1b4e917bf57803f724 41907640a176f6c9e549bfd1e1bacaa29a302475 3cb3e98d555f2381f9ef9439a915bd523225a0fd1cb4303f2c676da5494e1428 Loading...

	www.blogger.com/navbar.g?targetBlogID=4309591811807187501&blogName=Crazy+for+Crafting&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://crazy4crafting.blogspot.com/search&blogLocale=en&v=2&homepageUrl=crazy4crafting.blogspot.com/&targetPostID=6677769077248755706&blogPostOrPageUrl=crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html&vt=-634725968179137661&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fcrazy4crafting.blogspot.com&pfname=&rpctoken=31417143	471 B	2023-03-07	2023-04-05
Pretty URL www.blogger.com/navbar.g?targetBlogID=4309591811807187501&blogName=Crazy+for+Crafting&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://crazy4crafting.blogspot.com/search&blogLocale=en&v=2&homepageUrl=crazy4crafting.blogspot.com/&targetPostID=6677769077248755706&blogPostOrPageUrl=crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html&vt=-634725968179137661&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=http%3A%2F%2Fcrazy4crafting.blogspot.com&pfname=&rpctoken=31417143 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-04-05 02:12:11 Times Seen6549 Hash 817a2f878be59f132a6d67ba3dc44c12 74fa163d8e9121fc4be1b4b05974f7f08ac90267 7f417083e329ac4c097585dbe92c0de4527419243615b5a0c4245704cd09ccfc Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 08:35:18 Times Seen46482 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	www.blogger.com/static/v1/widgets/829820975-widgets.js	158 kB	2023-03-08	2023-05-29
Pretty URL www.blogger.com/static/v1/widgets/829820975-widgets.js IP 216.58.207.201 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:47:32 Last Seen2023-05-29 18:50:49 Times Seen3 Hash 4416f6dbe48f2ced30d398207aa6bf14 fda8efc8da2b808bde4075cd48ef9b549a2f1e37 e94e65cc0ca8c2eba63ae6d128531fc243059b4dc418e7c7ced6d3762f4f0c56 Loading...

	cdn.widgetserver.com/syndication/subscriber/InsertWidget.js	157 B	2023-03-07	2023-11-20
Pretty URL cdn.widgetserver.com/syndication/subscriber/InsertWidget.js IP 96.126.123.244 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:00 Last Seen2023-11-20 17:20:34 Times Seen134 Hash 67e216a27dda24bdcb086c2385b0cb99 17141c80f5d32bec3691c5ab24741d8b7dd5f0c6 9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7 Loading...

	crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html	302 B	2023-03-07	2024-04-26
Pretty URL crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-26 08:49:27 Times Seen28753 Hash 5a9442d8fb9a2077b3ebaf7aa6f763fb 1ad7b70635d1b80ddf645acb12b5f17e0ecf0c99 0665437bacd7ab06df7300ed254eac6729ed5e062da4cfb3895416289cfc647a Loading...

	apis.google.com/js/platform.js	53 kB	2023-03-07	2023-03-17
Pretty URL apis.google.com/js/platform.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 15765e8758982081f08a222a54783683 6282653ca157f529d587b92c552f2f9db446ad96 0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444 Loading...

	crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html	845 B	2023-03-08	2023-03-08
Pretty URL crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:30:25 Last Seen2023-03-08 07:30:25 Times Seen1 Hash 4accbffa3859600c387531e4478e76ad a452a0633eaf3e36a2b5782bbf0c53176b163f00 6ca7a7c90eb3281abc5014f8d9ab8f07741789f44b4471d36e99aa285fd5017e Loading...

	crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html	29 B	2023-03-08	2023-03-08
Pretty URL crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html IP 142.250.74.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:30:25 Last Seen2023-03-08 07:30:25 Times Seen1 Hash ddc827721993c6f562f73eef1142ebaa 56d6a58ff8950025a1eee7d584db2a782942f00d 888a3ec919cff8169da6c69160543fb19ef73f9d7d5209906433ee3abf4c5699 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs	178 kB	2023-03-07	2023-03-17
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:32:32 Last Seen2023-03-17 17:17:06 Times Seen1 Hash 4d8f2e4c350eacf196ea2eea5583ebca 74564d56344d09d5fd4354d78851693184ef082d bb2d7194f576a59b09c5ac5a671f6481cda1dbb2ce3deac9ba9290e13d7dbf16 Loading...

	apis.google.com/js/platform:gapi.iframes.style.common.js	54 kB	2023-03-07	2023-03-17
Pretty URL apis.google.com/js/platform:gapi.iframes.style.common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 86699298e9ac91b7d3047c1dd6c20a8b d18906decf243620da2249c951af4f1fc702c303 74771edecad704a2abf3efc46eea00a00c4e404481907ac881642037f6e4357c Loading...

	www1.widgetserver.com/?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0	164 B	2023-03-08	2023-04-05
Pretty URL www1.widgetserver.com/?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 IP 99.83.136.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:51 Last Seen2023-04-05 02:10:11 Times Seen168 Hash a721fadebac58116f06d5f8f84bcfe5a 413588bc107bd1be0cbd14345fb68c9b8ba14b38 912e5797a8e5f63052f4171a842ef7e90701101824c00a4dab15ce20f67605e0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d9d99e8596c5a102ca05ca2e0c0ada92	18 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 07:30:25 Last Seen2023-03-08 07:30:25 Times Seen1 Hash d9d99e8596c5a102ca05ca2e0c0ada92 ad3478e7559be05f6ff65e072f12424e280aa0b6 54e9dc503a373b43b9e460c84e1072bcb69aa971a55442ddc84eb983a35f7a9d Loading...

		Size	First Seen	Last Seen
	#1 Write - 556a22921a4ff0eb671f8420c7a729ac	89 B	2023-03-08	2024-01-03
Pretty Observations First Seen2023-03-08 07:30:25 Last Seen2024-01-03 22:33:14 Times Seen69 Hash 556a22921a4ff0eb671f8420c7a729ac 2d0836ab9eeac750755f44f534731ac35c61d4f0 82f0092d5749d19b06492bf8dbbb3e6efd4b880736d053cc950947e2ed50fa2c Loading...

HTTP Transactions (92)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15769
Expires: Thu, 06 Oct 2022 20:15:02 GMT
Date: Thu, 06 Oct 2022 15:52:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KLsrNG8674QfRiWwYTZzW-_hU9KDPfsNHaZYMabPNoFPDGo5HZEh2Q==
Age: 86695

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10380
Expires: Thu, 06 Oct 2022 18:45:14 GMT
Date: Thu, 06 Oct 2022 15:52:14 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: aIrcXbT+dRV/udSDV/KVghnf1gmSp+LGbiyibpzzxWakL4kag0x8VWygE5PFeQKbv1/hdH767De3UIlmvroiZw==
x-amz-request-id: BSN4R92NE81P5Z55
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 14:58:47 GMT
age: 3207
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 15:52:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html

142.250.74.161

200 OK

18 kB

URL HTTP/1.1
crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1214), with CR, LF line terminators
Size
18 kB (18435 bytes)
Hash
35c76dd9be4868a0682e3c33e25d86ba
b40e26ceec2ff8b003158c58130bb7a6299e173c
7ee4195902cba6e7d73eff51c4422504f7c1253aa8f2e88406d18dfca68beaee

HTTP Headers

GET /2010/02/word-art-for-your-blogs-and.html HTTP/1.1
Host: crazy4crafting.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 06 Oct 2022 15:52:14 GMT
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 21 Sep 2022 17:56:19 GMT
ETag: W/"2c2e92c779aee115d37b6ae0ba07799698c6279f0b225790ce693cc6ac20d93c"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 18435
Server: GSE

crazy4crafting.blogspot.com/js/cookienotice.js

142.250.74.161

200 OK

2.0 kB

URL HTTP/1.1
crazy4crafting.blogspot.com/js/cookienotice.js
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: crazy4crafting.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/2010/02/word-art-for-your-blogs-and.html

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 06 Oct 2022 15:52:14 GMT
Expires: Thu, 13 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 06 Oct 2022 12:21:24 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
def0f2d6c644aedbb89357888764f922
fdb5fc717f50599db8785b8aa0f1875408a88793
6061b8fa8aef4bedf1f30672c7614c2913fb38b2582e46a5d7e31ec898181fa6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

216.58.207.201

200 OK

6.6 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30596)
Size
6.6 kB (6620 bytes)
Hash
6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f

HTTP Headers

GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 04:43:17 GMT
expires: Thu, 05 Oct 2023 04:43:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 12:57:07 GMT
content-type: text/css
age: 126537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

apis.google.com/js/platform.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1277)
Size
20 kB (20361 bytes)
Hash
b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Thu, 06 Oct 2022 15:52:14 GMT
expires: Thu, 06 Oct 2022 15:52:14 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/829820975-widgets.js

216.58.207.201

200 OK

57 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/829820975-widgets.js
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
57 kB (56806 bytes)
Hash
b18547f3bc01f36c7dd3a6b6082feeb0
ca60d4a2bcd171bfe918249742cfde4223f0ba00
7666d4f1e68fda03543de42ac22d422822013499d6937cc08ae884bfdef3688b

HTTP Headers

GET /static/v1/widgets/829820975-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56806
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 02:07:50 GMT
expires: Thu, 05 Oct 2023 02:07:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 00:52:39 GMT
content-type: text/javascript
age: 135864
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

resources.blogblog.com/img/icon_delete13.gif

216.58.207.201

200 OK

140 B

URL HTTP/2
resources.blogblog.com/img/icon_delete13.gif
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 13 x 13\012- data
Size
140 B (140 bytes)
Hash
e7f55c98f18368f2ba26a008b1d40fc3
bb509d770d2d149060707c2c2c01776e86b858c4
69ff07a31a102649f3e0d08a967c39b134286293b85aac0885b3102a9120f1a6

HTTP Headers

GET /img/icon_delete13.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 140
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 17:39:47 GMT
expires: Wed, 12 Oct 2022 17:39:47 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 12:00:16 GMT
content-type: image/gif
age: 79947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

resources.blogblog.com/img/blank.gif

216.58.207.201

200 OK

43 B

URL HTTP/2
resources.blogblog.com/img/blank.gif
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /img/blank.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 43
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 04:31:39 GMT
expires: Thu, 13 Oct 2022 04:31:39 GMT
cache-control: public, max-age=604800
last-modified: Thu, 06 Oct 2022 02:19:52 GMT
content-type: image/gif
age: 40835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.bp.blogspot.com/_YXNpYclYqn8/S3ZZtHjwSHI/AAAAAAAAArk/G48-SMJuw1E/s400/picnic.png

142.250.74.161

200 OK

54 kB

URL HTTP/1.1
1.bp.blogspot.com/_YXNpYclYqn8/S3ZZtHjwSHI/AAAAAAAAArk/G48-SMJuw1E/s400/picnic.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 400 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size
54 kB (53538 bytes)
Hash
2f033452bc28333c31903f93e7100602
2193a58ca4560b8f209bf72f347f5e58dcccb11e
f8c54019138c4a89798691a28b7ce47b8390889365122ae7e7f2cf1dcad55693

HTTP Headers

GET /_YXNpYclYqn8/S3ZZtHjwSHI/AAAAAAAAArk/G48-SMJuw1E/s400/picnic.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v345"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="picnic.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 53538
X-XSS-Protection: 0

resources.blogblog.com/img/icon18_edit_allbkg.gif

216.58.207.201

200 OK

162 B

URL HTTP/2
resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18\012- data
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:57:04 GMT
expires: Wed, 12 Oct 2022 19:57:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 12:00:16 GMT
content-type: image/gif
age: 71710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i102.photobucket.com/albums/m84/amyc222/blogredo/amycblgbtn.gif

54.230.111.17

301 Moved Permanently

167 B

URL HTTP/1.1
i102.photobucket.com/albums/m84/amyc222/blogredo/amycblgbtn.gif
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/m84/amyc222/blogredo/amycblgbtn.gif HTTP/1.1
Host: i102.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 06 Oct 2022 15:52:14 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i102.photobucket.com/albums/m84/amyc222/blogredo/amycblgbtn.gif
X-Cache: Redirect from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fZ-BSAqmXicP6wWFyNMJlR8PLLnDbqfG8gc2UhB2kFLxoxRyPpiprA==
Vary: Origin

www.blogger.com/img/icon18_email.gif

216.58.207.201

200 OK

164 B

URL HTTP/1.1
www.blogger.com/img/icon18_email.gif
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 13\012- data
Size
164 B (164 bytes)
Hash
36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

HTTP Headers

GET /img/icon18_email.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 09:27:02 GMT
Expires: Wed, 12 Oct 2022 09:27:02 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 07:18:22 GMT
Content-Type: image/gif
Age: 109512

no-stats3.conveythis.com/kern_e2/javascript/e2_1.js

104.131.110.222

200 OK

13 kB

URL HTTP/1.1
no-stats3.conveythis.com/kern_e2/javascript/e2_1.js
IP
104.131.110.222:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (12691), with CRLF line terminators
Size
13 kB (12693 bytes)
Hash
4b6ad5d9b395d3aa5ed23282e70bfda4
84c5124ccf01d373ed63b7150e9d698703e92915
56100ffcd1a180bd7309a0bbc867d1120b1363d51066585561d3b6d82b17ec73

HTTP Headers

GET /kern_e2/javascript/e2_1.js HTTP/1.1
Host: no-stats3.conveythis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Server: nginx/1.2.1
Date: Thu, 06 Oct 2022 14:57:04 GMT
Content-Type: application/x-javascript
Content-Length: 12693
Last-Modified: Wed, 17 Dec 2014 21:40:12 GMT
Connection: keep-alive
Accept-Ranges: bytes

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs

142.250.74.174

200 OK

58 kB

URL HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (580)
Size
58 kB (57995 bytes)
Hash
d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 07:25:42 GMT
expires: Mon, 02 Oct 2023 07:25:42 GMT
cache-control: public, max-age=31536000
age: 375992
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

1.bp.blogspot.com/_YXNpYclYqn8/SzrdndIn64I/AAAAAAAAATM/lYS7cBx3YAk/S1600-R/Taken_with_Teal_Header.gif

142.250.74.161

200 OK

49 kB

URL HTTP/1.1
1.bp.blogspot.com/_YXNpYclYqn8/SzrdndIn64I/AAAAAAAAATM/lYS7cBx3YAk/S1600-R/Taken_with_Teal_Header.gif
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 700 x 195\012- data
Size
49 kB (49379 bytes)
Hash
91b560a64673b22e8025abbdb4a67db3
e221339e948ce43365dec2adf05f386255f575d6
fd9a8450004aeb598b007b71692055344d6d5c67fea64a3fbb77d8b0783e3a7f

HTTP Headers

GET /_YXNpYclYqn8/SzrdndIn64I/AAAAAAAAATM/lYS7cBx3YAk/S1600-R/Taken_with_Teal_Header.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4c5"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Taken_with_Teal_Header.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 49379
X-XSS-Protection: 0

www.blogger.com/img/blogger_logo_round_35.png

216.58.207.201

200 OK

2.5 kB

URL HTTP/1.1
www.blogger.com/img/blogger_logo_round_35.png
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2531 bytes)
Hash
838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

HTTP Headers

GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2531
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 11:39:27 GMT
Expires: Wed, 12 Oct 2022 11:39:27 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 04 Oct 2022 16:56:41 GMT
Content-Type: image/png
Age: 101567

2.bp.blogspot.com/_YXNpYclYqn8/Sya8E9leeZI/AAAAAAAAANg/s96GZxzvV-c/S150/Gypsy_blog_button.gif

142.250.74.161

200 OK

3.5 kB

URL HTTP/1.1
2.bp.blogspot.com/_YXNpYclYqn8/Sya8E9leeZI/AAAAAAAAANg/s96GZxzvV-c/S150/Gypsy_blog_button.gif
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 150 x 75\012- data
Size
3.5 kB (3451 bytes)
Hash
0d0d6b4741a19221c0a266ab27012a19
9de994111a9a6f5e0bfcb0d88df856dff24e2571
5c2786badb1510710022b78fce36877e21fc1fd92488119c671d9380c5e11850

HTTP Headers

GET /_YXNpYclYqn8/Sya8E9leeZI/AAAAAAAAANg/s96GZxzvV-c/S150/Gypsy_blog_button.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4de"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Gypsy_blog_button.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 3451
X-XSS-Protection: 0

1.bp.blogspot.com/_YXNpYclYqn8/SwcQXrdViYI/AAAAAAAAAGI/Bk72bSY2XEg/S220/vt-ribbon.gif

142.250.74.161

200 OK

9.6 kB

URL HTTP/1.1
1.bp.blogspot.com/_YXNpYclYqn8/SwcQXrdViYI/AAAAAAAAAGI/Bk72bSY2XEg/S220/vt-ribbon.gif
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 143 x 201\012- data
Size
9.6 kB (9617 bytes)
Hash
7da8c10a3e0b8a7254d67051db5838dc
ed1669147eec57f4b344e0a935aea0ae9612acf0
a467bbbc12c611bf7843f616cbe0d8154f30d7f6297a0352c6e8fb656796ebae

HTTP Headers

GET /_YXNpYclYqn8/SwcQXrdViYI/AAAAAAAAAGI/Bk72bSY2XEg/S220/vt-ribbon.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4b9"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="vt-ribbon.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 9617
X-XSS-Protection: 0

i950.photobucket.com/albums/ad344/bugbytes/blinkie-butterfly1-1.gif

54.230.111.82

301 Moved Permanently

167 B

URL HTTP/1.1
i950.photobucket.com/albums/ad344/bugbytes/blinkie-butterfly1-1.gif
IP
54.230.111.82:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/ad344/bugbytes/blinkie-butterfly1-1.gif HTTP/1.1
Host: i950.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 06 Oct 2022 15:52:14 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i950.photobucket.com/albums/ad344/bugbytes/blinkie-butterfly1-1.gif
X-Cache: Redirect from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Vl8RJ5k4A1NM9cfZbYmbHImpiw32EUzgaVC1zGKmmVUoLvB-6xeLDw==
Vary: Origin

i950.photobucket.com/albums/ad344/bugbytes/frame-for-button-1.gif

54.230.111.82

301 Moved Permanently

167 B

URL HTTP/1.1
i950.photobucket.com/albums/ad344/bugbytes/frame-for-button-1.gif
IP
54.230.111.82:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET /albums/ad344/bugbytes/frame-for-button-1.gif HTTP/1.1
Host: i950.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Thu, 06 Oct 2022 15:52:14 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i950.photobucket.com/albums/ad344/bugbytes/frame-for-button-1.gif
X-Cache: Redirect from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 137hrvXjjD2UnTt112JS9rVJoxlXbtz8zGA7Qbs3leCY9Y9T8MZc7A==
Vary: Origin

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
56cfc6cb7f4196868ed29dc1c60fa09c
7d4e592ec60170f4efad5ebc2c896bbb526cf5ad
0a274fab70186f7c386a440da728aa0698fed5ae121b5aad3c531f1614e75b94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1.bp.blogspot.com/_YXNpYclYqn8/S8EvYpab_dI/AAAAAAAAA4A/HEiFJov_vYc/S220/crafting_queen_award.png

142.250.74.161

200 OK

85 kB

URL HTTP/1.1
1.bp.blogspot.com/_YXNpYclYqn8/S8EvYpab_dI/AAAAAAAAA4A/HEiFJov_vYc/S220/crafting_queen_award.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 220 x 181, 8-bit/color RGBA, non-interlaced\012- data
Size
85 kB (84605 bytes)
Hash
490f84ec2ee8e5ac94bd040aa54125fc
5360f2436f33ce5c314405c1562a4e3cda878378
d8fa67872c1ef2e4d6a6c018a4fc6740bfe9e489c8c7470c1ee78a892f2bd8a5

HTTP Headers

GET /_YXNpYclYqn8/S8EvYpab_dI/AAAAAAAAA4A/HEiFJov_vYc/S220/crafting_queen_award.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v380"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="crafting_queen_award.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 84605
X-XSS-Protection: 0

2.bp.blogspot.com/_YXNpYclYqn8/Sya7zfQQ--I/AAAAAAAAANY/1qX7XRVkAt8/S150/SCAL_blog_Button.gif

142.250.74.161

200 OK

9.7 kB

URL HTTP/1.1
2.bp.blogspot.com/_YXNpYclYqn8/Sya7zfQQ--I/AAAAAAAAANY/1qX7XRVkAt8/S150/SCAL_blog_Button.gif
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 150 x 90\012- data
Size
9.7 kB (9705 bytes)
Hash
c0a213b9e5e8a52aac33e8b1b0083993
f37152b97d21e2df86b69b238627dd955e6963ac
a952916d337cac92b1ffd885f2d5436bde0fa43994e6cde0ab540a939cc79923

HTTP Headers

GET /_YXNpYclYqn8/Sya7zfQQ--I/AAAAAAAAANY/1qX7XRVkAt8/S150/SCAL_blog_Button.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v46d"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="SCAL_blog_Button.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 9705
X-XSS-Protection: 0

pagead2.googlesyndication.com/pagead/js/google_top_exp.js

216.58.207.194

200 OK

67 B

URL HTTP/1.1
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
67 B (67 bytes)
Hash
9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 06 Oct 2022 10:23:14 GMT
Expires: Thu, 20 Oct 2022 10:23:14 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 19740

www.blogger.com/dyn-css/authorization.css?targetBlogID=4309591811807187501&zx=3cdce278-3007-4eab-97be-98d3f06b02e8

216.58.207.201

200 OK

21 B

URL HTTP/2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4309591811807187501&zx=3cdce278-3007-4eab-97be-98d3f06b02e8
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=4309591811807187501&zx=3cdce278-3007-4eab-97be-98d3f06b02e8 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 15:52:14 GMT
last-modified: Thu, 06 Oct 2022 15:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

4.bp.blogspot.com/_YXNpYclYqn8/S13N7N5MfFI/AAAAAAAAAgk/buKO1EejiEc/S220/surecutslogo2.gif

142.250.74.161

200 OK

6.1 kB

URL HTTP/1.1
4.bp.blogspot.com/_YXNpYclYqn8/S13N7N5MfFI/AAAAAAAAAgk/buKO1EejiEc/S220/surecutslogo2.gif
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 200 x 110\012- data
Size
6.1 kB (6125 bytes)
Hash
949a01d3254a60cb006abb64a96fb76f
4c0ed134a2e99ab0b361e23060d1ce69e80a0f19
929bbcc2646a88682b2a0209b998975b003721193e1cca2c5ea6ea090d551366

HTTP Headers

GET /_YXNpYclYqn8/S13N7N5MfFI/AAAAAAAAAgk/buKO1EejiEc/S220/surecutslogo2.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4a1"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="surecutslogo2.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 6125
X-XSS-Protection: 0

4.bp.blogspot.com/_YXNpYclYqn8/S8cb7pi41_I/AAAAAAAAA6E/6IVEIfekIpo/S1600-R/Cindy_avatar4_copyrighted.png

142.250.74.161

200 OK

67 kB

URL HTTP/1.1
4.bp.blogspot.com/_YXNpYclYqn8/S8cb7pi41_I/AAAAAAAAA6E/6IVEIfekIpo/S1600-R/Cindy_avatar4_copyrighted.png
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
PNG image data, 200 x 299, 8-bit/color RGBA, non-interlaced\012- data
Size
67 kB (66987 bytes)
Hash
3d0f43bea5afdcf302e7158248c74ec5
a53c0e698449d241a45515e10477462587baec9b
4d36d1b31d7eaa3a5e2641afbf379e3490aa9bf2a939b89c7eb43c0ae36e4a50

HTTP Headers

GET /_YXNpYclYqn8/S8cb7pi41_I/AAAAAAAAA6E/6IVEIfekIpo/S1600-R/Cindy_avatar4_copyrighted.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3a1"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Cindy_avatar4_copyrighted.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 66987
X-XSS-Protection: 0

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 15:29:41 GMT
Expires: Thu, 06 Oct 2022 15:52:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y7-ki9b6YN-ea9GE287z-gFQ55ILJuQapHjUpBJD23qyqDKtUFvhEg==
Age: 1353

www.maploco.com/vmap/3716751.png

69.16.219.69

301 Moved Permanently

288 B

URL HTTP/1.1
www.maploco.com/vmap/3716751.png
IP
69.16.219.69:0
ASN
#32244 LIQUIDWEB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
288 B (288 bytes)
Hash
057287507863a570390c53fe9aa7abbe
4c5fedef5c76e00bd14075b93fc2318325da1df7
2942a5ba8e40882cd519df5e4a3bac93a1186f23b1910e6c9a93e07e9f74cec3

HTTP Headers

GET /vmap/3716751.png HTTP/1.1
Host: www.maploco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 301 Moved Permanently
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: Apache/2.2.15 (CentOS) mod_ssl/2.2.15 OpenSSL/1.0.1e-fips PHP/5.3.3
Location: https://www.maploco.com/vmap/3716751.png
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 288
Keep-Alive: timeout=2, max=256
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

cdn.widgetserver.com/syndication/subscriber/InsertWidget.js

96.126.123.244

200 OK

157 B

URL HTTP/1.1
cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
IP
96.126.123.244:0
ASN
#63949 Linode, LLC

File type
ASCII text
Size
157 B (157 bytes)
Hash
67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /syndication/subscriber/InsertWidget.js HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 15:52:14 GMT
content-type: application/javascript
content-length: 157
last-modified: Fri, 09 Mar 2018 19:33:30 GMT
etag: "5aa2e18a-9d"
accept-ranges: bytes
connection: close

3.bp.blogspot.com/_YXNpYclYqn8/SzZ3ijmM8XI/AAAAAAAAAPA/scvXP74oozI/S220-s80/profile_pic.bmp

142.250.74.161

200 OK

3.1 kB

URL HTTP/1.1
3.bp.blogspot.com/_YXNpYclYqn8/SzZ3ijmM8XI/AAAAAAAAAPA/scvXP74oozI/S220-s80/profile_pic.bmp
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 63x80, components 3\012- data
Size
3.1 kB (3099 bytes)
Hash
875c94cc33f3d5d68bcb9cee77bf0a2b
9d549088f85145b905056b5c136b807c21c2161e
9b2d73af2f14a046df1f7924bd7b0b7e01e74b2f050a40a955b47faff1341666

HTTP Headers

GET /_YXNpYclYqn8/SzZ3ijmM8XI/AAAAAAAAAPA/scvXP74oozI/S220-s80/profile_pic.bmp HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "vf0"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="profile_pic.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 3099
X-XSS-Protection: 0

i839.photobucket.com/albums/zz318/cre8tveldy/cindy_heart_long.gif

54.230.111.17

200 OK

1.9 kB

URL HTTP/1.1
i839.photobucket.com/albums/zz318/cre8tveldy/cindy_heart_long.gif
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 351 x 111\012- data
Size
1.9 kB (1943 bytes)
Hash
893e157157333a78a4cda2ab875f9fa5
e536f2ca1dcbb429ab0bca2d858321ce9f51c045
afc359776b45f4c96f19a201215add2847fc23a8d739a7879d759090c0934f8e

HTTP Headers

GET /albums/zz318/cre8tveldy/cindy_heart_long.gif HTTP/1.1
Host: i839.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 1943
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="cindy_heart_long.gif"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-2092cc850f94e7c529c3c22c
X-Request-Id: ZfvDVujIcMxpXTMzghMFW
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hrlnXUW1CgCO8AKU9UaWhTxVmjM8ilRgfZKiYs7I0TnwWkYDwzBI-A==

i950.photobucket.com/albums/ad344/bugbytes/blinkie-butterfly1-1.gif

54.230.111.82

404 Not Found

7.1 kB

URL HTTP/2
i950.photobucket.com/albums/ad344/bugbytes/blinkie-butterfly1-1.gif
IP
54.230.111.82:0
ASN
#16509 AMAZON-02

File type
PNG image data, 160 x 120, 8-bit/color RGB, non-interlaced\012- data
Size
7.1 kB (7092 bytes)
Hash
49e3fff8262f861c9be74931c8c33d34
a25ea738da2c2737c9eec1fdd76c5c21923f021e
f472388ee6d7eb09b86275ac4a198d40acf2b2083b342ad40838d57d01bb9c50

HTTP Headers

GET /albums/ad344/bugbytes/blinkie-butterfly1-1.gif HTTP/1.1
Host: i950.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://crazy4crafting.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-type: image/png
content-length: 7092
last-modified: Fri, 20 Dec 2019 23:09:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 06 Oct 2022 06:47:17 GMT
etag: "49e3fff8262f861c9be74931c8c33d34"
x-cache: Error from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OuSp0tgtVwL5607F68Y3lQfuCpnDGh0aNqfuryyQHW6JAu2NSCoDVg==
age: 32754
X-Firefox-Spdy: h2

i950.photobucket.com/albums/ad344/bugbytes/frame-for-button-1.gif

54.230.111.82

404 Not Found

7.1 kB

URL HTTP/2
i950.photobucket.com/albums/ad344/bugbytes/frame-for-button-1.gif
IP
54.230.111.82:0
ASN
#16509 AMAZON-02

File type
PNG image data, 160 x 120, 8-bit/color RGB, non-interlaced\012- data
Size
7.1 kB (7092 bytes)
Hash
49e3fff8262f861c9be74931c8c33d34
a25ea738da2c2737c9eec1fdd76c5c21923f021e
f472388ee6d7eb09b86275ac4a198d40acf2b2083b342ad40838d57d01bb9c50

HTTP Headers

GET /albums/ad344/bugbytes/frame-for-button-1.gif HTTP/1.1
Host: i950.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://crazy4crafting.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-type: image/png
content-length: 7092
last-modified: Fri, 20 Dec 2019 23:09:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 19:58:24 GMT
etag: "49e3fff8262f861c9be74931c8c33d34"
x-cache: Error from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ra3mm9amMhEIpiZViwhcScfjy1u5CeeyZIoiTQVo8KX0HPGXuuo_Qg==
age: 158031
X-Firefox-Spdy: h2

3.bp.blogspot.com/_YXNpYclYqn8/Sya8hcaZyCI/AAAAAAAAANo/RAIi_iuNrV0/S150/DS_blog_button.gif

142.250.74.161

200 OK

5.5 kB

URL HTTP/1.1
3.bp.blogspot.com/_YXNpYclYqn8/Sya8hcaZyCI/AAAAAAAAANo/RAIi_iuNrV0/S150/DS_blog_button.gif
IP
142.250.74.161:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 150 x 90\012- data
Size
5.5 kB (5490 bytes)
Hash
82f8900a82ed4433574d6ad853e09604
6f3c8916ccdf1ab50452e5df62e64acd6ce257c4
911800c9b70e7257c4e47f47c20322b8b19fce31c84c4ea471e6835122681e78

HTTP Headers

GET /_YXNpYclYqn8/Sya8hcaZyCI/AAAAAAAAANo/RAIi_iuNrV0/S150/DS_blog_button.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4b3"
Expires: Fri, 07 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DS_blog_button.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: fife
Content-Length: 5490
X-XSS-Protection: 0

i102.photobucket.com/albums/m84/amyc222/blogredo/amycblgbtn.gif

54.230.111.17

200 OK

8.8 kB

URL HTTP/2
i102.photobucket.com/albums/m84/amyc222/blogredo/amycblgbtn.gif
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 150 x 136\012- data
Size
8.8 kB (8755 bytes)
Hash
f7f7fc62a7707b97cdd57c5a49b99ed9
127534642dfd20b3e960fffb1aac7168a2f22a97
184eaed146a9bcf66895e464cd20eb221cae6c75f5b9e4ff04d768fd5506be66

HTTP Headers

GET /albums/m84/amyc222/blogredo/amycblgbtn.gif HTTP/1.1
Host: i102.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://crazy4crafting.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 8755
date: Thu, 06 Oct 2022 15:52:14 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="amycblgbtn.gif"
expires: Fri, 06 Oct 2023 15:52:14 GMT
server: photobucket
x-amzn-trace-id: Root=1-633ef9ae-0de81c2f116b5d09084ec35a
x-request-id: G-s27DO8AXY-2MfYGf8y2
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ixozObwqPSadFfMixZS2_GJ8yilqLFbHMKAy8AVdi7XzBGaDRk2IGQ==
vary: Accept, Origin
X-Firefox-Spdy: h2

www.blogger.com/img/logo-16.png

216.58.207.201

200 OK

279 B

URL HTTP/1.1
www.blogger.com/img/logo-16.png
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
279 B (279 bytes)
Hash
5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 05 Oct 2022 22:56:11 GMT
Expires: Wed, 12 Oct 2022 22:56:11 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 05 Oct 2022 08:35:45 GMT
Content-Type: image/png
Age: 60963

i839.photobucket.com/albums/zz318/cre8tveldy/Love_My_Cherry_blossom_Gypsy_COP-2.gif

54.230.111.17

200 OK

14 kB

URL HTTP/1.1
i839.photobucket.com/albums/zz318/cre8tveldy/Love_My_Cherry_blossom_Gypsy_COP-2.gif
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 225 x 132\012- data
Size
14 kB (14147 bytes)
Hash
ed9a1c33172935cab6567a8b12d010d8
1e0923a896a41f6b09b31c1948e5b01616184730
47b98c173e0d82014fbe4b0def6067a11a2ba1e1e2c0f21ea754ee471281b3b2

HTTP Headers

GET /albums/zz318/cre8tveldy/Love_My_Cherry_blossom_Gypsy_COP-2.gif HTTP/1.1
Host: i839.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 14147
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="Love_My_Cherry_blossom_Gypsy_COP-2.gif"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-0c3a09b23100957370c0210a
X-Request-Id: Y_zuPva2U0l3_9p8joJOO
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wRGsZoKt8ZpzGmAhoRhWRoD4z6qgjiztYUcah4Pm4M67FiwjJK-X2A==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

no-stats3.conveythis.com/kern_e2/images/translate5.gif

104.131.110.222

200 OK

1.5 kB

URL HTTP/1.1
no-stats3.conveythis.com/kern_e2/images/translate5.gif
IP
104.131.110.222:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 200 x 20\012- data
Size
1.5 kB (1533 bytes)
Hash
94cf9e230650ec3e95b7e0febaa087cb
5a355aba461282e62d620200fe0d79231bd39aa7
242192bf421b5755ec55e2739a90f0c9cf8ff39ff1944fabb8a5e9d0cb2f5cfa

HTTP Headers

GET /kern_e2/images/translate5.gif HTTP/1.1
Host: no-stats3.conveythis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Server: nginx/1.2.1
Date: Thu, 06 Oct 2022 14:57:05 GMT
Content-Type: image/gif
Content-Length: 1533
Last-Modified: Fri, 17 Oct 2014 19:30:48 GMT
Connection: keep-alive
Accept-Ranges: bytes

i839.photobucket.com/albums/zz318/cre8tveldy/BLOG%20-%20Crazy%20for%20Crafting/word_jumble2.png

54.230.111.17

200 OK

23 kB

URL HTTP/1.1
i839.photobucket.com/albums/zz318/cre8tveldy/BLOG%20-%20Crazy%20for%20Crafting/word_jumble2.png
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
23 kB (23114 bytes)
Hash
bbcfdb55c4ac3b3fe3927f07221a02bb
691dd915b7c754f7218e0632f5a6f2d1c78dddbe
0c62f4df3e5a9c1e9c247fdad44b743fb81a523c4f8c4c04ac4f6ecb535b3494

HTTP Headers

GET /albums/zz318/cre8tveldy/BLOG%20-%20Crazy%20for%20Crafting/word_jumble2.png HTTP/1.1
Host: i839.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 23114
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="word_jumble2.webp"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-0adfc98a7c88defa4bdd385f
X-Request-Id: c9iekzuOlSA0Lmal3TfBc
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wb-L3Yy438Lg5hTyVWlppGIzOFPu5jOMvdEzmrXKIzCLKjxXdosv5A==

i540.photobucket.com/albums/gg357/alfagetti1/blogbutton-2-1.gif

54.230.111.17

200 OK

16 kB

URL HTTP/1.1
i540.photobucket.com/albums/gg357/alfagetti1/blogbutton-2-1.gif
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 171 x 171\012- data
Size
16 kB (15706 bytes)
Hash
53a98cecac71fc69959c15c0ce8d51f5
1c2a5f7ff312bb57a24380782bf08fc22d065dbe
9d20c80a19f35941832e4e741b1c313f066ef1cba990c88592c91c6b253e455f

HTTP Headers

GET /albums/gg357/alfagetti1/blogbutton-2-1.gif HTTP/1.1
Host: i540.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 15706
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="blogbutton-2-1.gif"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-5a935bfc396025af0b0d805e
X-Request-Id: 4YbeJ_bpgpYUj8jTuhMfK
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _Lc0f3Q7tUMBKHShUnyQNN5D_4GUMyRFnVUtWJogCdT1-bI2VXnmBw==

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.74

200 OK

33 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 20:55:30 GMT
expires: Wed, 04 Oct 2023 20:55:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 154604
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i442.photobucket.com/albums/qq149/macsheilam/blinkie.gif

54.230.111.82

200 OK

56 kB

URL HTTP/1.1
i442.photobucket.com/albums/qq149/macsheilam/blinkie.gif
IP
54.230.111.82:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 160 x 103\012- data
Size
56 kB (56087 bytes)
Hash
03ad115bc4963b4af97e90b68676a7c2
15fa3d9d6b481388f87028dff24c8ef1734fd766
4045399264f896662a1804d7463e66e1dad86229cefb1d0e3323c515b5eb9243

HTTP Headers

GET /albums/qq149/macsheilam/blinkie.gif HTTP/1.1
Host: i442.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 56087
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="blinkie.gif"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-1a2e440c7e8f588b2b149f1c
X-Request-Id: 9lidZGyfEqAX2bQzDQFjx
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cMdrvRzIlzHBLaGPlnFaImw9fWh24bCAie0M7WXmQzAABm_eedY1RA==

i839.photobucket.com/albums/zz318/cre8tveldy/blog_post_divider.gif

54.230.111.17

200 OK

8.2 kB

URL HTTP/1.1
i839.photobucket.com/albums/zz318/cre8tveldy/blog_post_divider.gif
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 400 x 82\012- data
Size
8.2 kB (8248 bytes)
Hash
92ffd8ca2bd7f7fb385091ef5b45e542
2d17668c5740747bd9dcfbfbfca4e7e4f8768421
8036614ece609f445831d5f9bc5f549f6b922f100439858eacbbe7ec48bb0b63

HTTP Headers

GET /albums/zz318/cre8tveldy/blog_post_divider.gif HTTP/1.1
Host: i839.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 8248
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="blog_post_divider.gif"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-2fada3f916d2d33e1b6e16ca
X-Request-Id: KD5UlDkX79wqNaMkAg29Y
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HQM15LOzORzn59IRIlNrtWmU_mm3yUiuIn6NtUyxCUfqhXKKtRcwMw==

storage.myfreecopyright.com/mfc_protected.png

52.92.176.241

403 Forbidden

243 B

URL HTTP/1.1
storage.myfreecopyright.com/mfc_protected.png
IP
52.92.176.241:0
ASN
#16509 AMAZON-02

File type
XML 1.0 document text\012- XML document, ASCII text
Size
243 B (243 bytes)
Hash
1929363c7eb9399ec11fa62253031d78
6d2a052bfb7ad9e5dbc41b6a2691f601bf7dc735
ea8cc73464361fe8f7f80f88ac536ff2607d6dc6bcf0495f4543804d00477f52

HTTP Headers

GET /mfc_protected.png HTTP/1.1
Host: storage.myfreecopyright.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 403 Forbidden
x-amz-request-id: YGVS8Y4B7EJNPZXT
x-amz-id-2: FG//vTfQt8hUIQNFEUoq18mZ8HnfNLlJfr9FmXTo6wpG5EJHyn32Fo3IU2KokO0HFM9yLFi78Pc=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 06 Oct 2022 15:52:14 GMT
Server: AmazonS3

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4878
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:15 GMT
Last-Modified: Thu, 06 Oct 2022 14:30:57 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

i839.photobucket.com/albums/zz318/cre8tveldy/c4c_blog_button.png

54.230.111.17

200 OK

15 kB

URL HTTP/1.1
i839.photobucket.com/albums/zz318/cre8tveldy/c4c_blog_button.png
IP
54.230.111.17:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (15242 bytes)
Hash
9b798fa1844c22e923e5a51988cdb18d
bc6590d8c8a8eda6efd3c03a69ebdbf6a46231a0
0be212b60999b3264c51f1fab19127fe89954c8cd147e52fb861a87280214663

HTTP Headers

GET /albums/zz318/cre8tveldy/c4c_blog_button.png HTTP/1.1
Host: i839.photobucket.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/

HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 15242
Connection: keep-alive
Date: Thu, 06 Oct 2022 15:52:14 GMT
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Content-Disposition: inline; filename="c4c_blog_button.webp"
Expires: Fri, 06 Oct 2023 15:52:14 GMT
Server: photobucket
X-Amzn-Trace-Id: Root=1-633ef9ae-3171f742160b196510386558
X-Request-Id: ZpO_HJq-yoH5taxCfuAdr
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tdVEcw9UZlwkmY_uoQMh1vnzyAAn6LLUNf7LAtWCmc2vgOVye7-kbA==

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5cd09511c6f6ecfdfab924e894c0d066
646ab2055bbb2f37e05c17f0b446748e9fa95261
82d465d157d4e65ce1b89feceedee63089766a1d858fa59d751a8d07ea32f82e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D465D157D4E65CE1B89FECEEDEE63089766A1D858FA59D751A8D07EA32F82E"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7800
Expires: Thu, 06 Oct 2022 18:02:15 GMT
Date: Thu, 06 Oct 2022 15:52:15 GMT
Connection: keep-alive

cdn.widgetserver.com/

173.255.194.134

200 OK

7.2 kB

URL HTTP/1.1
cdn.widgetserver.com/
IP
173.255.194.134:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (343)
Size
7.2 kB (7202 bytes)
Hash
5702e24ae06ccf37bb8fd44fd8af3cbb
4c2312aecc351c13ab4ce5ed214b9ad16204ab0c
4a2753c0e5c3889161797d5394fc24407cba458b8b332b3126e909c6cebdec48

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazy4crafting.blogspot.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 15:52:15 GMT
content-type: text/html; charset=utf-8
content-length: 7202
vary: Accept-Language
content-language: en
connection: close

cdn.widgetserver.com/favicon.ico

173.255.194.134

200 OK

43 B

URL HTTP/1.1
cdn.widgetserver.com/favicon.ico
IP
173.255.194.134:0
ASN
#63949 Linode, LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 15:52:15 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close

push.services.mozilla.com/

54.189.35.180

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.35.180:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ioNaFVFC4JhzRIW/zYCkwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dt2MiANQ16IyxqwuQi6Dn1zsusk=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14986
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 15:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14986
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 15:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14986
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 15:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14986
Expires: Thu, 06 Oct 2022 20:02:02 GMT
Date: Thu, 06 Oct 2022 15:52:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7270 bytes)
Hash
e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 64400
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4140 bytes)
Hash
dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
age: 65710
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8360 bytes)
Hash
a7bcc50ecfeeca47de68cb437e966f29
e98c870fd29b56fa4c3847008bedc0f01f222744
47a82bb40ead4346323b68c886cb88528cb2162666e9549b2ab215b86a499985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5b87135-538c-4c9f-b146-1da5b13ce157.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8360
x-amzn-requestid: c1f21bfa-3ceb-4661-97b8-0d7475f0e911
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlLG0joAMFQqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-43993b1377e9fbaf4e9443d2;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kyp8p-Jm92bA3VDbsKDiD_JnS2eekJFUkMjYXquZ1D15WthqXoSlsA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:57:01 GMT
age: 64515
etag: "e98c870fd29b56fa4c3847008bedc0f01f222744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3777 bytes)
Hash
1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 64769
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7511 bytes)
Hash
9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 65710
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10809 bytes)
Hash
a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
age: 64717
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.widgetserver.com/mtm/async/.eJxdjEsOwjAMRO-SZYkSFiygiLMgN3XTSPnhmLaAuDsJYsVm9GbG45e4kxO90EIKIFsqViKckJCqmZlzr7UheD4OVSd20arBJ1tyYmVSaMs5Fb5GCFgXZoxqdaNFLkgLUrtpz43BzLVn3FjPHLyEnL0zwC5FvbVkt_2nwZ9vl706SRfAoobFTT9ccciy0923P4r3B_zzRRk:1ogTAV:LmvIi_01uAMUxKZGWqqFvS8KU64/1/0

173.255.194.134

200 OK

256 B

URL HTTP/1.1
cdn.widgetserver.com/mtm/async/.eJxdjEsOwjAMRO-SZYkSFiygiLMgN3XTSPnhmLaAuDsJYsVm9GbG45e4kxO90EIKIFsqViKckJCqmZlzr7UheD4OVSd20arBJ1tyYmVSaMs5Fb5GCFgXZoxqdaNFLkgLUrtpz43BzLVn3FjPHLyEnL0zwC5FvbVkt_2nwZ9vl706SRfAoobFTT9ccciy0923P4r3B_zzRRk:1ogTAV:LmvIi_01uAMUxKZGWqqFvS8KU64/1/0
IP
173.255.194.134:0
ASN
#63949 Linode, LLC

File type
ASCII text, with no line terminators
Size
256 B (256 bytes)
Hash
5b223271d8475e40d92c837326244238
c38f92a7ac8605541e0a2689cdb9b478be4a1d12
df27990aad4dddf768a22b42c9a63102bb018562b76a0c69657fe935d25d9552

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /mtm/async/.eJxdjEsOwjAMRO-SZYkSFiygiLMgN3XTSPnhmLaAuDsJYsVm9GbG45e4kxO90EIKIFsqViKckJCqmZlzr7UheD4OVSd20arBJ1tyYmVSaMs5Fb5GCFgXZoxqdaNFLkgLUrtpz43BzLVn3FjPHLyEnL0zwC5FvbVkt_2nwZ9vl706SRfAoobFTT9ccciy0923P4r3B_zzRRk:1ogTAV:LmvIi_01uAMUxKZGWqqFvS8KU64/1/0 HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn.widgetserver.com/
Connection: keep-alive

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Thu, 06 Oct 2022 15:52:16 GMT
content-type: text/html; charset=utf-8
content-length: 256
x-mtm-path: 4
x-mtm-prov: 1:6.24;70:0.00
x-mtm-rd: 0.35
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJjZG4ud2lkZ2V0c2VydmVyLmNvbSIsImh0dHA6Ly93d3cxLndpZGdldHNlcnZlci5jb20vP3RtPTEmc3ViaWQ0PTE2NjUwNzE1MzUuMDMwNDI0MDAwMCZLVzE9RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzI9Tm9yd2F5JTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzM9T3NsbyUyMENvdW50eSUyMERlZGljYXRlZCUyMFNlcnZlcnMmS1c0PU9zbG8lMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXNT1DdXN0b20lMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJnNlYXJjaGJveD0wJmJhY2tmaWxsPTAiLDEsIjIwMjItMTAtMDYgMTU6NTI6MTYiLDEsIjE2NjUwNzE1MzUuMDMwNDI0MDAwMCIsMSxudWxsLG51bGxd:1ogTAW:Hs2_Pz7JXbK9HoRc6zzD8GwywbY; expires=Thu, 06-Oct-2022 16:52:16 GMT; Max-Age=3600; Path=/
connection: close

www1.widgetserver.com/?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0

99.83.136.84

200 OK

657 B

URL HTTP/1.1
www1.widgetserver.com/?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP
99.83.136.84:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
657 B (657 bytes)
Hash
d9281c64d40de50c4f34e1eeb69fb267
29f719a626e58ccaf433fdbffaa6a5a68e30c71b
3ab2554ac7ffc2be45180dc32a25dbd38430b2d5fb423da11b9f7cc455d0d524

HTTP Headers

GET /?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 15:52:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

d38psrni17bvxu.cloudfront.net/themes/assets/style.css

54.230.245.138

200 OK

343 B

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP
54.230.245.138:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
343 B (343 bytes)
Hash
03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7

HTTP Headers

GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 06 Oct 2022 07:34:23 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ypmG59Fb2TxiRTuLiZkFO4KuJRWKamrzeIKWvq_FHixA7uLRpDCt_A==
Age: 29874

d38psrni17bvxu.cloudfront.net/themes/assets/zeropark.css

54.230.245.138

200 OK

208 B

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/assets/zeropark.css
IP
54.230.245.138:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
208 B (208 bytes)
Hash
be223301cce69116e7a473d42a863379
928aee49e0ddcbee8c410cdbd80d94820a6cafab
d7a8d561985ea3bb5e9433926fd9c103d4e6c041c19fa4c1dcaa2c0949be74d7

HTTP Headers

GET /themes/assets/zeropark.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 06 Oct 2022 09:15:07 GMT
Last-Modified: Tue, 25 Jan 2022 08:25:52 GMT
Content-Encoding: gzip
ETag: W/"61efb410-157"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ukCQ0GMzAPVc4Smq_jDohb-aQkbHs3BwP5rLPszau3HHgxrlYwxdUQ==
Age: 23830

www1.widgetserver.com/favicon.ico

99.83.136.84

200 OK

0 B

URL HTTP/1.1
www1.widgetserver.com/favicon.ico
IP
99.83.136.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 15:52:17 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f6a61641b36f0c03d171ee1a0aac9f34
93f0580616e59365c08d8687fb39a24d1bee1cd3
daa2152b6cc357516fcff3fc88cea2af87bb7587e5a9600dea76729d1b1e98b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 15:52:18 GMT
Last-Modified: Thu, 06 Oct 2022 14:41:45 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rQlS0scu5s0HCx94invdZYNFBQJv7u293mtLLGKjjIolbd8MKmykUQ==
Age: 4233

brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1

35.170.174.54

200 OK

11 kB

URL HTTP/2
brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP
35.170.174.54:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1958)
Size
11 kB (10840 bytes)
Hash
61d7002e7403bec9c558fe763217a02b
6765bd82b904df94a568f1ef58c58461c9db9adb
6888bd3281ec071b7ffbe60ba4310f23e0f731f1219582e648aff641333a2717

HTTP Headers

GET /lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 15:52:18 GMT
content-type: text/html;charset=UTF-8
content-length: 10840
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

brigi-jar.com/style.css

35.170.174.54

200 OK

6.0 kB

URL HTTP/2
brigi-jar.com/style.css
IP
35.170.174.54:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
6.0 kB (5981 bytes)
Hash
2eb024ad11ef5f2e503bfb60117c25d8
235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a

HTTP Headers

GET /style.css HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 06 Oct 2022 15:52:18 GMT
content-type: text/css
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 27 Sep 2022 12:40:35 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

brigi-jar.com/main.js

35.170.174.54

200 OK

480 B

URL HTTP/2
brigi-jar.com/main.js
IP
35.170.174.54:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
480 B (480 bytes)
Hash
91558066fecbfc1f6f77842f6aa85a6c
6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed

HTTP Headers

GET /main.js HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 06 Oct 2022 15:52:18 GMT
content-type: application/javascript
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 27 Sep 2022 12:40:35 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brigi-jar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:48:50 GMT
expires: Thu, 05 Oct 2023 21:48:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 65008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Mate+SC

142.250.74.10

200 OK

309 B

URL HTTP/2
fonts.googleapis.com/css?family=Mate+SC
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
309 B (309 bytes)
Hash
44f9d6e11ab6e9b704deacbd1e8579fd
ccab42cd4e742fda14d5996bb71fcd77e6f227e4
018635657037e23fa8fe991fa25adf6b954534aee58b08b0f970350f2725537a

HTTP Headers

GET /css?family=Mate+SC HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 15:52:18 GMT
date: Thu, 06 Oct 2022 15:52:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 15:52:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
7225e423a251b3e45267820a6633c97a
fe31c0cbf609dd65fbdd4ee80bb7073f8a44acb7
316d4789f255d253b36f8a398f4c3c9d1e30ea8276af6072eb46883ce831a0ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 15:52:18 GMT
Last-Modified: Thu, 06 Oct 2022 15:11:17 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7DGmdZR72js5-A35AD3yfRr8w71X7crL6QS0AEvqdlabtKmOPC77Ww==
Age: 2462

fonts.googleapis.com/css?family=Poppins:300

142.250.74.10

200 OK

25 kB

URL HTTP/2
fonts.googleapis.com/css?family=Poppins:300
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
25 kB (25205 bytes)
Hash
cbbb56351dafbec7519560f8d7e03472
0048b210cadeae245865c283e7c3807beb9019b5
56b19324b216958a156d27adc2b86f2fea628c273f4f6c213b608e5a2a1088c4

HTTP Headers

GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 15:52:18 GMT
date: Thu, 06 Oct 2022 15:52:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

99.83.136.84

200 OK

657 B

URL HTTP/1.1
www1.widgetserver.com/?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP
99.83.136.84:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
657 B (657 bytes)
Hash
d9281c64d40de50c4f34e1eeb69fb267
29f719a626e58ccaf433fdbffaa6a5a68e30c71b
3ab2554ac7ffc2be45180dc32a25dbd38430b2d5fb423da11b9f7cc455d0d524

HTTP Headers

GET /?tm=1&subid4=1665071535.0304240000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 15:52:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip

brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1

35.170.174.54

200 OK

11 kB

URL HTTP/2
brigi-jar.com/lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP
35.170.174.54:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1958)
Size
11 kB (10840 bytes)
Hash
0af8b56e5955668474c4459b5951a835
0b846e7157adb51ba6ac395e367ef2b9da344de7
99cb92a21e95930d7db16948ce3ef558ab549d51d07751bf4adc3dce8ade16d0

HTTP Headers

GET /lander?dn=widgetserver.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 06 Oct 2022 15:52:19 GMT
content-type: text/html;charset=UTF-8
content-length: 10840
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Mate

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Mate
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Mate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 15:52:18 GMT
date: Thu, 06 Oct 2022 15:52:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations