zakkasab.blogspot.com/2019/01/blog-post_350.html/
13 kB URL zakkasab.blogspot.com/2019/01/blog-post_350.html/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (558)
Hash e2105b517072e3ef40706c3a8a220270
a63db6964078a22f4d12b74133a697cb61a77c7a
46c7bc7508b90c4a413fbc630105e8de4f88de97cff7b04b2fc61f435ca67109
GET /2019/01/blog-post_350.html/ HTTP/1.1
Host: zakkasab.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 07 Dec 2023 20:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 13296
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
zakkasab.blogspot.com/2019/01/blog-post_350.html/
13 kB URL zakkasab.blogspot.com/2019/01/blog-post_350.html/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (558)
Hash 8ceadb2a6a174be4c8f10c710ec1fb82
68467a0be6112772ca9768fddee76ed29bb31541
7e99146a29b671306dcda32ce6028baa6a338788b29f646f6425cd3291dc3e0c
GET /2019/01/blog-post_350.html/ HTTP/1.1
Host: zakkasab.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 07 Dec 2023 20:40:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13288
Server: GSE
zakkasab.blogspot.com/js/cookienotice.js
2.0 kB URL zakkasab.blogspot.com/js/cookienotice.js
IP
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: zakkasab.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/2019/01/blog-post_350.html/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 07 Dec 2023 20:40:31 GMT
Expires: Thu, 14 Dec 2023 20:40:31 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 07 Dec 2023 08:22:17 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
apis.google.com/js/platform.js
22 kB URL apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (2664)
Hash fd67324a3d81895bdf76b073089663b1
5abb1b0a36c645085e31830e6647faa790ad4e91
8eaa06f95fa0ac44c2c186f200874f2f3ebc3aaa92412f0d0c096f517d3581d1
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Thu, 07 Dec 2023 20:40:31 GMT
expires: Thu, 07 Dec 2023 20:40:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "bccfddc1dce4fb76"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=AozMbNxROl2MEJ_29nbpeKG7s4cKGwdkAVSN1QmIeyQ-19pvtcL5foXHxAG9aejapETRVqxSOjorrz8Fvsi30BLzJ0PJbGGI64sKM48SD5kVZxACMGav19zaJftprb8Ks1yfBqGVDcknAPOmLqwu3FJ26O0470DIJQ_ZAcwOTaM; expires=Fri, 07-Jun-2024 20:40:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ylx-4.com/mobile_redir.php?section=General&pub=545142&ga=g&desktop=1
100 B URL ylx-4.com/mobile_redir.php?section=General&pub=545142&ga=g&desktop=1
IP
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with no line terminators
Hash 7a771bfc816e27340416ee8a24c857a0
eee185180f444b6adf9fcddc0a37c54fb2038fab
5a9f2261047538b37a32be76dda0504d92790326f3113b5020bcd1d27768f7ce
GET /mobile_redir.php?section=General&pub=545142&ga=g&desktop=1 HTTP/1.1
Host: ylx-4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 07 Dec 2023 20:40:31 GMT
Last-Modified: Thu, 07 Dec 2023 20:40:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
ylx-4.com/pup.php?section=General&pt=2&pub=545142&ga=g
1.3 kB URL ylx-4.com/pup.php?section=General&pt=2&pub=545142&ga=g
IP
ASN #201702 skHosting.eu s.r.o.
Hash 0ad9a62eeabd5f0a1816fdde1c07a0c7
ca715f39d45a85c9bd88120c352e0fb1c3dc6257
96a5c73ae2be6a3846821de4a8ff68aa11434329084cea618fdcf03276d0735f
GET /pup.php?section=General&pt=2&pub=545142&ga=g HTTP/1.1
Host: ylx-4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 07 Dec 2023 20:40:31 GMT
Last-Modified: Thu, 07 Dec 2023 20:40:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
ylx-4.com/layer.php?section=General&pub=545142&ga=g&fp
0 B URL ylx-4.com/layer.php?section=General&pub=545142&ga=g&fp
IP
ASN #201702 skHosting.eu s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /layer.php?section=General&pub=545142&ga=g&fp HTTP/1.1
Host: ylx-4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
ylx-1.com/bnr.php?section=General&pub=545142&format=300x250&ga=g
428 B URL ylx-1.com/bnr.php?section=General&pub=545142&format=300x250&ga=g
IP
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (428), with no line terminators
Hash d0d146f3c390b1951bfbd26acb2aed0d
566b8fc7a68beb1b299c34ec7a0fe9516706ab30
ebc3bf7da6daca99c1bb630303650409517982975cc31111019c9e6796907f04
GET /bnr.php?section=General&pub=545142&format=300x250&ga=g HTTP/1.1
Host: ylx-1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 07 Dec 2023 20:40:31 GMT
Last-Modified: Thu, 07 Dec 2023 20:40:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
ylx-1.com/slider.php?section=General&pub=545142&ga=g&side=random
2.1 kB URL ylx-1.com/slider.php?section=General&pub=545142&ga=g&side=random
IP
ASN #201702 skHosting.eu s.r.o.
File type HTML document, ASCII text, with very long lines (1428), with CRLF line terminators
Hash 0477821fe2b3dff875a0e72fb213ead4
0ae4edc1c62143d27532fac8bc4420aa2624f40f
85a611536a3344e5eaa5adf3f8ba9effd8d7abe6d6d5a9537e2d649b2781f5d6
GET /slider.php?section=General&pub=545142&ga=g&side=random HTTP/1.1
Host: ylx-1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 07 Dec 2023 20:40:31 GMT
Last-Modified: Thu, 07 Dec 2023 20:40:31 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
www.blogger.com/static/v1/widgets/3257101978-widgets.js
59 kB URL www.blogger.com/static/v1/widgets/3257101978-widgets.js
IP
File type ASCII text, with very long lines (2258)
Hash 9cc8dc0e6d0f57f11091cd51a13d42b1
d308834c5985e4914ebea6cba0e87454b44317d6
4d1b90c8b8826df2fa0d5cd23a4b1fba3fd769b7748e3905e7fa9e119d8525fa
GET /static/v1/widgets/3257101978-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:58 GMT
expires: Fri, 06 Dec 2024 15:54:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 07 Dec 2023 02:07:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 17133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
7.8 kB URL www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:51:35 GMT
expires: Fri, 06 Dec 2024 15:51:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 07 Dec 2023 02:07:04 GMT
content-type: text/css
vary: Accept-Encoding
age: 17336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
0 B URL themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 07 Dec 2023 20:40:31 GMT
Location: https://themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
resources.blogblog.com/blogblog/data/1kt/transparent/white80.png
96 B URL resources.blogblog.com/blogblog/data/1kt/transparent/white80.png
IP
File type PNG image data, 20 x 20, 1-bit colormap, non-interlaced\012- data
Hash 94a1820903fb1f98de19df188a6ad531
599ad7d04fd5b1fa13f334e95240a5a9f4a66583
6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
GET /blogblog/data/1kt/transparent/white80.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 96
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:59:56 GMT
expires: Thu, 14 Dec 2023 15:59:56 GMT
cache-control: public, max-age=604800
last-modified: Wed, 06 Dec 2023 21:21:24 GMT
content-type: image/png
age: 16835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/blogblog/data/1kt/transparent/header_gradient_shade.png
424 B URL resources.blogblog.com/blogblog/data/1kt/transparent/header_gradient_shade.png
IP
File type PNG image data, 88 x 300, 8-bit colormap, non-interlaced\012- data
Hash 68d74f6988b7bcb8d69e382c1769f6af
956161f38d64d4fbf81cafe0b009339dcdbcb73c
4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3
GET /blogblog/data/1kt/transparent/header_gradient_shade.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zakkasab.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 424
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:41:38 GMT
expires: Thu, 14 Dec 2023 15:41:38 GMT
cache-control: public, max-age=604800
last-modified: Wed, 06 Dec 2023 21:21:24 GMT
content-type: image/png
age: 17933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
72 kB URL themes.googleusercontent.com/image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1594x900, components 3\012- data
Hash 4ab270dd6093509f090a07c56f48968c
8dd2837208402a8693bad821da6372a88d234f43
3a7d61cf392ed902d46b4fb1aa927bf31b4abc5cf31dd6dd7bba451446bd5a40
GET /image?id=1fupio4xM9eVxyr-k5QC5RiCJlYR35r9dXsp63RKsKt64v33poi2MvnjkX_1MULBY8BsT&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://zakkasab.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 08 Dec 2023 20:40:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 20:40:32 GMT
server: fife
content-length: 71706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3519.050000.click/favicon.ico
1.2 kB URL 3519.050000.click/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 91abe01116ab422c598e9c8af72cf4da
0f2815fe8e067d48537ad168225ab4674271fa27
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
GET /favicon.ico HTTP/1.1
Host: 3519.050000.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3519.050000.click/?utm_medium=55b89ca58a6f3084226810c487ff5c87f7941aae&utm_campaign=smart1&1=18814367&cid=90affC1701981632affea15a84342273a582a315&np=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 07 Dec 2023 20:40:33 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Jul 2019 07:48:51 GMT
etag: "5d4147e3-47e"
expires: Fri, 08 Dec 2023 20:40:33 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977
4.4 kB URL www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3484)
Hash 8ffc4bd0831332c84a7413b228500a76
0739ad5bcec2bb0d7296b9740cba44c34079f8ac
2eccc139fe60acaac1c7829bebdade072edf628ca38f2bf616fbe7aab05fcdae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977 HTTP/1.1
Host: www.tropbikewall.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://3519.050000.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 20:40:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-transform
Accept-CH: Sec-CH-UA-Platform-Version
www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=354209601334173168552f311a202090&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click
302 Found 0 B URL User Request GET HTTP/1.1 www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=354209601334173168552f311a202090&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click
IP
Certificate IssuerLet's Encrypt
Subjectwww.tropbikewall.art
Fingerprint96:CD:1E:77:97:20:90:07:B6:97:97:FF:CB:6A:2E:1C:BC:95:B0:71
ValiditySat, 18 Nov 2023 02:12:43 GMT - Fri, 16 Feb 2024 02:12:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=354209601334173168552f311a202090&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click HTTP/1.1
Host: www.tropbikewall.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 07 Dec 2023 20:40:37 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=3&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click
www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=3&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click
302 Found 0 B URL User Request GET HTTP/1.1 www.tropbikewall.art/?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=3&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click
IP
Certificate IssuerLet's Encrypt
Subjectwww.tropbikewall.art
Fingerprint96:CD:1E:77:97:20:90:07:B6:97:97:FF:CB:6A:2E:1C:BC:95:B0:71
ValiditySat, 18 Nov 2023 02:12:43 GMT - Fri, 16 Feb 2024 02:12:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?sl=5706540-e4d07&data1=Track1&data2=Track2&tag=M7309955452144451694&website=21977-5c9db18f&placement=21977&eyeg=3&eyer=0.5278272987663521&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=3519.050000.click HTTP/1.1
Host: www.tropbikewall.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 07 Dec 2023 20:40:37 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004a54b16fbef979e8d9ff3ec7a3dee4251207-202312-flb*5706540-e4d07*M7309955452144451694*sl_5706540-e4d07*1309b5feb3bd2fb18158a097c0ce190239b892d5*21977-5c9db18f*21977
www.tropbikewall.art/favicon.ico
0 B URL www.tropbikewall.art/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.tropbikewall.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Thu, 07 Dec 2023 20:40:38 GMT
Connection: keep-alive
admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004a54b16fbef979e8d9ff3ec7a3dee4251207-202312-flb*5706540-e4d07*M7309955452144451694*sl_5706540-e4d07*1309b5feb3bd2fb18158a097c0ce190239b892d5*21977-5c9db18f*21977
302 Found 0 B URL User Request GET HTTP/2 admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004a54b16fbef979e8d9ff3ec7a3dee4251207-202312-flb*5706540-e4d07*M7309955452144451694*sl_5706540-e4d07*1309b5feb3bd2fb18158a097c0ce190239b892d5*21977-5c9db18f*21977
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerGoDaddy.com, Inc.
Subject*.media-412.com
Fingerprint16:AB:3B:E7:5C:01:8D:17:4C:E5:2A:16:CE:5F:3B:FB:DE:12:ED:4C
ValiditySun, 09 Jul 2023 20:53:14 GMT - Fri, 09 Aug 2024 20:53:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004a54b16fbef979e8d9ff3ec7a3dee4251207-202312-flb*5706540-e4d07*M7309955452144451694*sl_5706540-e4d07*1309b5feb3bd2fb18158a097c0ce190239b892d5*21977-5c9db18f*21977 HTTP/1.1
Host: admoustache.media-412.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 07 Dec 2023 20:40:38 GMT
content-length: 0
location: https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=65722dc6d25a00000116830d
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=65722dc6d25a00000116830d; expires=Fri, 06 Dec 2024 20:40:38 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=65722dc6d25a00000116830d
200 OK 7.2 kB URL User Request GET HTTP/1.1 yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=65722dc6d25a00000116830d
IP
ASN #15699 OGIC Informatica S.L.
Certificate IssuerLet's Encrypt
Subjectyisparoturm.com
FingerprintCB:BF:DD:29:F9:01:9C:4C:8A:7C:71:D9:24:B5:CB:9C:86:5E:4C:AE
ValidityFri, 03 Nov 2023 09:26:51 GMT - Thu, 01 Feb 2024 09:26:50 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bf81cbc9d1edb41c2a54de28b3fbb450
09d115c1965c215fe813b930180aeb1a58e1ad90
1ae8bb2f8a3290215b2154d3e32e9e5f214523a5bed3103116d091c731db4266
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=65722dc6d25a00000116830d HTTP/1.1
Host: yisparoturm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: redirect_user_data=%7B%22country%22%3A%22NO%22%2C%22city%22%3Anull%2C%22isp%22%3A%22blix+solutions%22%2C%22netspeed%22%3A%22%22%7D; expires=Thu, 07-Dec-2023 20:50:33 GMT; Max-Age=600
_tracker_ikangoo=a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002162474341639%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NO%22%3Bs%3A4%3A%22_isp%22%3Bs%3A14%3A%22blix+solutions%22%3Bs%3A5%3A%22_time%22%3Bi%3A1701981633%3B%7D; expires=Thu, 07-Dec-2023 20:42:33 GMT; Max-Age=120
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
yisparoturm.com/assets/js/backlink_back_button.js
200 OK 632 B URL GET HTTP/1.1 yisparoturm.com/assets/js/backlink_back_button.js
IP
ASN #15699 OGIC Informatica S.L.
Requested by https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=65722dc6d25a00000116830d
Certificate IssuerLet's Encrypt
Subjectyisparoturm.com
FingerprintCB:BF:DD:29:F9:01:9C:4C:8A:7C:71:D9:24:B5:CB:9C:86:5E:4C:AE
ValidityFri, 03 Nov 2023 09:26:51 GMT - Thu, 01 Feb 2024 09:26:50 GMT
Hash 7c847657cd58fd5f3b656c5dd486808a
54781827b08eb75f27786b20bfded403c3117a69
b1b1b5affe702bae9e97deabbdb3f19bcf8f12a1ddd410ff189c61c3bc159c06
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/js/backlink_back_button.js HTTP/1.1
Host: yisparoturm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yisparoturm.com/?cat=2&groupds=157&clientId=168&productId=1907&publisher_id=503&tracking=65722dc6d25a00000116830d
Cookie: redirect_user_data=%7B%22country%22%3A%22NO%22%2C%22city%22%3Anull%2C%22isp%22%3A%22blix+solutions%22%2C%22netspeed%22%3A%22%22%7D; _tracker_ikangoo=a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002162474341639%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NO%22%3Bs%3A4%3A%22_isp%22%3Bs%3A14%3A%22blix+solutions%22%3Bs%3A5%3A%22_time%22%3Bi%3A1701981633%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 07 Dec 2023 20:40:34 GMT
Content-Type: application/javascript
Content-Length: 632
Last-Modified: Mon, 28 Nov 2022 14:36:48 GMT
Connection: keep-alive
ETag: "6384c780-278"
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
172.217.21.161
51.68.82.147
185.32.28.133
185.66.200.221
34.141.137.168