Report - sofiahalbofanimeworld.blogspot.it/2021/06/httpsnftgoddess.html

Report Overview

Visited public
2024-10-08 18:08:35
Tags
URL
sofiahalbofanimeworld.blogspot.it/2021/06/httpsnftgoddess.html
Finishing URL
sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
IP / ASN
216.58.207.193
#15169 GOOGLE
Title
sofiahalbof anime world : all anime/illustration of weheartit/deviantart and [myedits by sofiahalbof]

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
late-anxiety.com	unknown	2024-03-18	2024-03-18 11:54:19	2024-09-25 08:14:32	3.0 kB	40 kB	88.85.69.211
pwk5m.icu	unknown	unknown	No data	No data	406 B	1.9 kB	185.66.201.43
	unknown				3.3 kB	768 B	89.58.14.251
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-10-08 08:32:59	907 B	32 kB	142.250.74.106
fundsruffianfollows.com	unknown	2024-04-08	2024-05-08 22:46:16	2024-09-19 19:11:49	436 B	12 kB	192.243.59.20
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2024-10-08 02:40:32	15 kB	648 kB	216.58.207.226
code.adclickppc.com	unknown	2023-05-22	2023-06-04 00:03:00	2024-09-25 04:03:42	2.5 kB	18 kB	89.117.21.238
apps-pnd.ctengine.io	unknown	2021-05-11	2022-05-19 09:23:13	2024-07-12 18:17:15	2.7 kB	4.0 kB	109.109.137.73
tpc.googlesyndication.com	126	2003-01-21	2020-01-16 09:35:32	2024-10-08 10:22:55	1.5 kB	13 kB	216.58.207.193
blogger.googleusercontent.com	16485	2008-11-17	2012-05-25 19:41:01	2024-10-07 19:07:28	7.2 kB	901 kB	142.250.74.97
services.7searchppc.com	unknown	2018-01-19	2023-04-07 12:18:02	2024-09-25 04:03:43	5.0 kB	5.7 kB	149.28.70.94
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2024-10-07 19:42:31	5.6 kB	437 kB	142.250.74.110
cdn.diclotrans.com	unknown	2020-12-09	2021-02-01 08:45:19	2024-09-24 05:57:46	5.1 kB	118 kB	188.114.97.1
play.google.com	34	1997-09-15	2013-05-31 01:24:35	2024-10-08 13:39:52	3.3 kB	3.3 kB	216.58.207.206
autofaucet.org	341274	2018-04-18	2018-07-15 05:47:54	2024-04-17 02:23:06	6.1 kB	229 kB	172.67.133.36
piclinks.in	unknown	2023-04-15	2023-04-15 19:56:48	2024-09-19 19:11:50	1.6 kB	26 kB	188.114.97.1
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-10-08 11:33:55	3.5 kB	934 kB	142.250.74.168
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-10-07 19:37:47	7.2 kB	15 kB	142.250.74.163
www.blogger.com	8975	1999-06-22	2012-05-22 09:35:03	2024-10-07 22:10:24	28 kB	683 kB	142.250.147.191
lonerprevailed.com	unknown	2024-08-12	2024-09-28 12:56:58	2024-10-07 19:32:39	2.8 kB	38 kB	172.240.108.76
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2024-10-08 12:30:07	874 B	836 B	35.158.166.153
resources.blogblog.com	13274	2000-09-15	2017-01-30 05:47:40	2024-10-08 09:25:29	7.5 kB	19 kB	142.250.147.191
thelifewillbefine.de	unknown	unknown	No data	No data	904 B	1.2 MB	202.61.204.169
coinzillatag.com	74933	2018-06-30	2018-07-14 14:28:18	2024-09-27 18:22:50	1.7 kB	10 kB	172.67.206.14
reminderasking.com	unknown	2024-08-12	2024-08-12 13:58:37	2024-10-07 18:45:04	482 B	493 B	192.243.59.12
themes.googleusercontent.com	9661	2008-11-17	2012-05-24 09:24:02	2024-10-08 08:10:53	1.6 kB	130 kB	142.250.74.97
network.eonads.com	unknown	2016-07-17	2016-08-01 11:55:21	2024-05-23 12:34:47	432 B	37 kB	172.67.135.26
dgbmining.online	unknown	unknown	No data	No data	2.5 kB	138 kB	188.114.96.1
static.a-ads.com	34827	2012-07-07	2013-06-01 18:47:05	2024-10-07 14:30:13	8.4 kB	4.8 MB	116.202.214.170
obtaintrout.com	unknown	2024-08-12	2024-09-18 10:25:03	2024-10-07 19:50:01	1.0 kB	37 kB	172.240.108.76
apps-gb1.adsgravity.io	unknown	2023-09-05	2024-08-21 00:21:38	2024-09-27 08:53:45	535 B	0 B	0.0.0.0
teleearnings.odoo.com	unknown	unknown	No data	No data	2.1 kB	690 kB	34.78.83.233
richinfo.co	285236	2019-06-20	2019-06-26 15:58:03	2024-10-07 12:22:36	429 B	26 kB	109.200.199.111
lurgaimt.net	514903	2021-04-01	2021-04-20 10:27:29	2024-05-22 23:31:46	513 B	763 B	139.45.197.237
request-global.czilladx.com	46220	2017-10-13	2019-03-16 18:58:02	2024-10-05 18:48:15	3.7 kB	5.1 kB	142.93.100.104
ctracking.io	unknown	2023-11-08	2023-12-20 10:00:18	2024-09-27 08:53:44	3.4 kB	7.6 kB	109.109.135.103
eu.convers.link	97064	2021-10-12	2021-10-28 20:05:06	2024-09-26 05:38:53	430 B	49 kB	109.200.199.111
acscdn.com	93608	2020-05-05	2020-05-06 10:07:13	2024-10-07 20:57:47	420 B	64 kB	188.114.97.1
wdnem.ajscdn.com	unknown	unknown	No data	No data	429 B	819 B	188.114.96.1
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2024-10-07 19:53:53	4.8 kB	1.8 MB	142.250.74.67
7ool.net	unknown	2022-11-09	2022-11-09 15:40:53	2024-09-26 05:38:54	869 B	35 kB	31.204.132.208
sofiahalbofanimeworld.blogspot.com	unknown	unknown	No data	No data	4.1 kB	41 kB	216.58.207.193
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-07 19:37:45	3.6 kB	9.8 kB	23.36.77.32
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2024-10-08 07:29:41	2.5 kB	189 kB	151.101.130.137
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2024-09-30 04:32:43	4.4 kB	395 kB	142.250.74.68
appsha-pnd.ctengine.io	unknown	2021-05-11	2022-05-27 10:03:47	2024-09-23 19:46:13	6.1 kB	390 kB	109.109.136.213
www.mypayu.com	unknown	unknown	No data	No data	526 B	0 B	0.0.0.0
digitalhub.odoo.com	unknown	unknown	No data	No data	2.6 kB	658 kB	34.93.222.88
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-10-08 01:14:07	17 kB	1.2 MB	216.58.207.227
acceptablereality.com	unknown	2024-05-06	2024-08-27 11:57:05	2024-08-27 11:57:05	991 B	701 kB	88.85.68.219
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-07 19:37:44	3.6 kB	9.8 kB	23.36.77.32
ad.a-ads.com	26970	2012-07-07	2013-04-19 23:54:57	2024-10-07 15:45:32	5.2 kB	523 kB	116.202.214.170
cdn.coinzilla.com	102786	2005-03-26	2018-11-13 13:01:47	2024-09-11 13:00:27	1.1 kB	50 kB	104.26.3.188
img.diclotrans.com	312450	2020-12-09	2023-01-26 15:41:47	2024-03-11 14:33:28	915 B	3.4 MB	104.21.54.145
e-earnings.odoo.com	unknown	unknown	No data	No data	2.0 kB	773 kB	34.93.11.120
coinads.online	unknown	unknown	No data	No data	3.6 kB	205 kB	188.114.96.1
cdn.surdotly.com	unknown	2012-12-12	2015-11-05 19:14:37	2023-11-11 16:31:47	864 B	4.1 kB	54.173.41.122
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2024-10-08 08:16:51	423 B	67 kB	162.19.58.160
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-10-08 03:37:28	1.0 kB	2.8 kB	54.230.218.11
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2024-10-08 02:36:33	1.5 kB	990 B	192.243.59.12
draft.blogger.com	73550	1999-06-22	2012-07-15 15:27:29	2024-10-07 13:36:45	11 kB	258 kB	142.250.147.191
ayelads.com	17249	2019-12-20	2019-12-20 18:13:51	2024-03-15 16:15:23	1.0 kB	1.8 kB	162.0.235.250
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-10-08 03:04:15	1.9 kB	33 kB	104.17.25.14
sofiahalbofanimeworld.blogspot.it	unknown	unknown	No data	No data	516 B	762 B	216.58.207.193
e5.o.lencr.org	unknown	2020-06-29	2024-06-07 07:39:25	2024-10-07 19:38:21	326 B	728 B	23.36.76.226
diclotrans.com	109297	2020-12-09	2021-01-28 16:52:58	2024-09-24 05:57:52	9.9 kB	11 kB	172.67.139.102
ad2bitcoin.com	232350	2019-01-29	2017-05-24 13:33:24	2024-04-14 18:37:02	1.1 kB	2.2 kB	162.0.208.108
steemitimages.com	262112	2016-09-16	2018-06-02 08:02:23	2024-09-05 07:22:41	1.2 kB	263 kB	104.21.234.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-08	medium	lonerprevailed.com	Sinkholed
2024-10-08	medium	lonerprevailed.com	Sinkholed
2024-10-08	medium	lonerprevailed.com	Sinkholed
2024-10-08	medium	reminderasking.com	Sinkholed
2024-10-08	medium	unseenreport.com	Sinkholed
2024-10-08	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (127)

	URL	Size	First Seen	Last Seen
	www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd	22 kB	2024-10-07 20:07	2024-10-14 17:15
Pretty URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd IP 142.250.147.191 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-07 20:07 Last Seen2024-10-14 17:15 Times Seen69 Hash 4ba1f1ddec2cdce9b396c3695fbd3488 78754afb3bc47c8a723da5b4dad40b6432f6a7b4 2cd2f67d39c8fb988af8513791f658e40194969918a188d18b30a64d81b736a5 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=23f3ghv0w0g1	69 B	2023-03-07 01:02	2024-11-25 02:32
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=23f3ghv0w0g1 IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2024-11-25 02:32 Times Seen86122 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu	1.1 kB	2024-09-26 07:42	2024-10-11 09:03
Pretty URL www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-26 07:42 Last Seen2024-10-11 09:03 Times Seen98 Hash 2cc74d58e78adeeadce037790f2b5259 691faa85632c047528f9ed0da763378a56521754 763a23a1f872485e0fd80aaa22f743ef57d8d4722823157288492b6e3916a845 Loading...

	www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js	552 kB	2024-09-26 04:46	2024-10-22 12:15
Pretty URL www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-26 04:46 Last Seen2024-10-22 12:15 Times Seen2509 Hash 33aff52b82a1df246136e75500d93220 4675754451af81f996eab925923c31ef5115a9f4 b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs	189 kB	2024-09-13 02:09	2024-10-21 13:24
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-13 02:09 Last Seen2024-10-21 13:24 Times Seen618 Hash 40ce8d1c9624826c3de087c8478ab7c1 646063e4267ae4385bedb0639f8bc6dd8b71c236 4966fc59206429f3408775b228c28beb1d80818fdddad27cc678ac34c01e5ab0 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a172e75d812cea8be65d3e1513c6c0b9	2 B	2023-03-13 11:31	2024-10-11 08:51
Pretty Observations First Seen2023-03-13 11:31 Last Seen2024-10-11 08:51 Times Seen39 Hash a172e75d812cea8be65d3e1513c6c0b9 a51e3e84f466fbb7bba4c2f253220dfea0a7033d 0ac532d82e11914594324ada24bc85b21151d272b3cbb40fad5ea3a6f5d152e6 Loading...

	#2 Eval - 61a6f2652a0b6db05139abddb9b96ab7	38 B	2023-03-11 13:53	2024-11-25 02:37
Pretty Observations First Seen2023-03-11 13:53 Last Seen2024-11-25 02:37 Times Seen28085 Hash 61a6f2652a0b6db05139abddb9b96ab7 05548eab56f32db3c8c42fd2487a3f3b3ccf0ee1 cc6e0d6af3dc4f620458aa79c4f4c0631ebc1bd55a148f5e9a06ea8874885831 Loading...

	#3 Eval - c81daf5bba73edcb6cc177a738a11a4d	267 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash c81daf5bba73edcb6cc177a738a11a4d 86f8aa57eedce6f4b0d71332458391f2c1217099 e7fc1439e954296af667f5b86f8f14c535b991ee357c3aae3bb42758d490e76e Loading...

	#4 Eval - 8d9c307cb7f3c4a32822a51922d1ceaa	1 B	2023-03-07 01:02	2024-11-24 18:00
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-24 18:00 Times Seen6673 Hash 8d9c307cb7f3c4a32822a51922d1ceaa b51a60734da64be0e618bacbea2865a8a7dcd669 8ce86a6ae65d3692e7305e2c58ac62eebd97d3d943e093f577da25c36988246b Loading...

	#5 Eval - 19314fbd6d8e7289fb3ec523a7c660e2	290 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 19314fbd6d8e7289fb3ec523a7c660e2 e01d194138d2bc9835ba4ce3efe35099f5e56d53 53f06aa47d1842dc0a6dd9fa20aa22d6d57e7bdf6e26f903e53e44472d1350e8 Loading...

	#6 Eval - 6a962563e235e1789e663e356ac8d9e4	2 B	2023-03-08 14:33	2024-10-17 02:04
Pretty Observations First Seen2023-03-08 14:33 Last Seen2024-10-17 02:04 Times Seen403 Hash 6a962563e235e1789e663e356ac8d9e4 a547db31280d14f095c760a23a7523d0b1e55fe6 6dee04b73e8d3336654bca37a2d58c001f0bfc572f4bf0d46c38fc08002d4da7 Loading...

	#7 Eval - 09cad0014b9637b2af09af97a69b4e2d	77 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 09cad0014b9637b2af09af97a69b4e2d edac399894f0f8b896e1fe473b9349517289cdb0 7144b8e38f96fdc4afcd2760dfc3daef153b4d13b0c8c8af857bc2f61f9e83a6 Loading...

	#8 Eval - a1b02865a867266b99d36486d8de3df6	285 B	2024-08-18 00:48	2024-10-11 08:47
Pretty Observations First Seen2024-08-18 00:48 Last Seen2024-10-11 08:47 Times Seen2 Hash a1b02865a867266b99d36486d8de3df6 734c1ca797e5dfaca44563b64a776dfa4a680c3e 1e21f82ec207c17105edecc0d4770f7df034f60ab928f58743a9524043f56d7b Loading...

	#9 Eval - d9fcb9b0fa640c4d8af9924f7ddfed76	9.6 kB	2024-08-31 18:59	2024-10-11 08:47
Pretty Observations First Seen2024-08-31 18:59 Last Seen2024-10-11 08:47 Times Seen3 Hash d9fcb9b0fa640c4d8af9924f7ddfed76 9d14e36d46e6ddd72bf7d8e53ca832e10764857f 2466fab8e5278776d3a39d39e83d4dc232a0fcaf67a69bc58762a9d4f9d87201 Loading...

	#10 Eval - bc153a4af28eb0cd59dc2361996f07f1	209 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash bc153a4af28eb0cd59dc2361996f07f1 128b8959009e99f0d68e6fd87c835fcc081e2e5a 077bac5547316d8487d8694cc40d8ed9115d258a9ff48f028a8c7ae8f34baaf2 Loading...

	#11 Eval - c3f9558d681bac963339b7c69894c4f7	2 B	2023-03-07 12:38	2024-10-11 08:51
Pretty Observations First Seen2023-03-07 12:38 Last Seen2024-10-11 08:51 Times Seen448 Hash c3f9558d681bac963339b7c69894c4f7 06967d8e4a36243a7dc6404de1b1141f744adf2e 6956e1dffd6851cfa0b5461772d12f1dd7d22676f5eee2aad3ae7c0b630d5c80 Loading...

	#12 Eval - 812ebe15120504d58cd3a31b24943c8d	461 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 812ebe15120504d58cd3a31b24943c8d 2c61ceb3485f9cbc1370b0cc4e819870baf0e6e1 1079a49ae10486d69b80ab9e5da77c813292acf22ce8fb4b567e54b0e08c3362 Loading...

	#13 Eval - 6fa8991203bdd8ab8dac02b13610bc9e	233 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 6fa8991203bdd8ab8dac02b13610bc9e 2c01f913705406199ecd0ec3b22c1f604d0930fd 3027140fab2de162b0ca90ad644f2dc4e0c4303a3d70a43761bf212fde399437 Loading...

	#14 Eval - f9c46e1182482ce46282e4f53b39159d	160 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash f9c46e1182482ce46282e4f53b39159d c232143196e66b9ef86e8ed450dcce03946217ec daff6430f28d0bf26ef6860409b7df7e74281c9da28169a956a1022b99ad022e Loading...

	#15 Eval - b7539e6a032ec435aed76451ccab0b69	130 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash b7539e6a032ec435aed76451ccab0b69 fc58f8a316b2dae4c3315b48f174dc297d32b356 7a0bd2e310d4597c3659cca7593c2dc3eeda930ded909bd0a9d8e49b26e27b41 Loading...

	#16 Eval - 30840016d509e427b5ec9c1018b5f757	231 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 30840016d509e427b5ec9c1018b5f757 26d029e05db10dcc11480dae49b513e38110ac55 b77ba01c19ae0b91bb467475d581564f73f38e90e0d0866c84aea47fac60a5e0 Loading...

	#17 Eval - 5b54c0a045f179bcbbbc9abcb8b5cd4c	2 B	2023-03-07 01:02	2024-10-11 08:51
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-10-11 08:51 Times Seen130 Hash 5b54c0a045f179bcbbbc9abcb8b5cd4c 110c8a30c16070bf2813480d9492a1a170a7d80a f9e012396be65db022bd11de9308a9b40e04e492cc4ee8636c09fb83df4aa27b Loading...

	#18 Eval - cf8f8946005d274ddec48e59799d9bc9	82 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash cf8f8946005d274ddec48e59799d9bc9 5356fe3cc7b7ee86bbfaa50d2961b295a74a3f8b 2638e2726db45268ac09950fed74387929b997813c7a3edd5c068a99c631a761 Loading...

	#19 Eval - ec7d3f746cabb8c4adaf8315ac044b4e	427 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash ec7d3f746cabb8c4adaf8315ac044b4e da5d4ed6d857bc89f1dc1058b7dd60527a0cc39e ceec632abeb623c40e381bfaf69cc3b031832561cdc6eb27a1257a235b2b679d Loading...

	#20 Eval - 505c12bddda64825239d0b46ae354bf4	1.2 kB	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 505c12bddda64825239d0b46ae354bf4 60ff2c71e7fb2cd653198338a645f9c998996d8b 0a62ab133a6c83eb51de59ea1dcc6ed9f1478034a4238cdf1cff950f4a0ddf9b Loading...

	#21 Eval - 4a1ed4c78e2579e9dc901b9b2cba6dc6	79 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 4a1ed4c78e2579e9dc901b9b2cba6dc6 5d026b1638516385f815c913dfaa10b2670936b0 dcde6f064f60a9a47ca5332e950e7fda6560bb173b6830ef3d3c9ca871515309 Loading...

	#22 Eval - 4e655dcccde55da1f3c2f0af48a4162e	118 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 4e655dcccde55da1f3c2f0af48a4162e ad27b6a72770799406634a25747b46ad19afab35 1db181782c0473a85c4c7d6e505ccc08ebec0357951ff8c1bd0a0abb67b2474e Loading...

	#23 Eval - 891dd2d20ed54fa3ed7abe26a0bd1984	24 kB	2024-10-11 08:47	2024-10-11 08:47
Pretty Observations First Seen2024-10-11 08:47 Last Seen2024-10-11 08:47 Times Seen1 Hash 891dd2d20ed54fa3ed7abe26a0bd1984 13588aff17e90bb906a739eb6e47a7f7fcb52791 3066abc55294eb651817ba8d67e261b605d0368044b351905053557800fa40f1 Loading...

	#24 Eval - 31a2c2a1717cc1afe8ab9a1f89e0eff3	72 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 31a2c2a1717cc1afe8ab9a1f89e0eff3 4718b71c9c80a5c004d1e0ab00413326ebc44ca8 6564c5c562646b4ecf763a64a824bdc3990d351f1962657fa077713264a052ec Loading...

	#25 Eval - eb8faad9210886b9abf78adedc90ee82	480 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash eb8faad9210886b9abf78adedc90ee82 1de8b983e0466356e4cf21dff9c9d51e443e7bd3 c263021deefe1e5416256f671d1faedce5f7f46eb23c7487f25f2ff7815dd05d Loading...

	#26 Eval - 8ce4b16b22b58894aa86c421e8759df3	1 B	2023-03-07 01:02	2024-11-22 04:53
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-22 04:53 Times Seen6038 Hash 8ce4b16b22b58894aa86c421e8759df3 13fbd79c3d390e5d6585a21e11ff5ec1970cff0c 8254c329a92850f6d539dd376f4816ee2764517da5e0235514af433164480d7a Loading...

	#27 Eval - 6b657c34bf26eff9a82be70c18fabbfe	20 kB	2024-10-11 08:47	2024-10-11 08:47
Pretty Observations First Seen2024-10-11 08:47 Last Seen2024-10-11 08:47 Times Seen1 Hash 6b657c34bf26eff9a82be70c18fabbfe 23f749da8a3d4516f2463401bbc64903d9e52a91 74ce4b327092cae3ea61ca09003074be959a607be65dbc9c8841dd3cdbda6d21 Loading...

	#28 Eval - 171d33296ed64d86ad7afc910116afad	91 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 171d33296ed64d86ad7afc910116afad 6bac0bfebfab5321607c6a01a9f78cedba839998 2909ebb3e1029acbfbb4e5ebe5a4da05830d56f78b03fbb3e1ed25887a01b6a4 Loading...

	#29 Eval - bd5f79516c9194730572ef932ade8e60	95 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash bd5f79516c9194730572ef932ade8e60 bede8ed7d1473ecc2aed76a7c051dd728b256888 b3d165a6e5b38a0dc908ddc9745673420a43aca739242976ebb4636cfe98cb1e Loading...

	#30 Eval - d48a24ae9672ee573050e4d3aeeebe4d	29 B	2023-03-07 01:02	2024-11-25 02:37
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-25 02:37 Times Seen42145 Hash d48a24ae9672ee573050e4d3aeeebe4d 8f8c4d27852980a1ec5a8b1aba30769001314ec8 53e5b7d706a350fe98d52499058624e15cddc1541f17370f94a899a386c50255 Loading...

	#31 Eval - 2d7553be4ed58f1013acce2221488ab8	292 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 2d7553be4ed58f1013acce2221488ab8 2edb6e4e3cd8049010b4ba74de6a0556992de6e8 c916a0a7810526750dc3fcf852d2c892ffcd47bf1bc4f74e56dde1aa615d2478 Loading...

	#32 Eval - 379fd59aef35da6372469d6dcc172207	34 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 379fd59aef35da6372469d6dcc172207 324784cbf98bec2ebda58d96a040c3163bbf837b c844a1272c2a1b4787f0385a1690555a9c7fb59fba4cc2b494ccc7d4c5f88b98 Loading...

	#33 Eval - 67cdfe7d305b47dd7c1b0d17cec4cd36	162 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 67cdfe7d305b47dd7c1b0d17cec4cd36 eff17cd7b01840f46c43873674dd6ef512b8b690 c01773bed30baea1772b17fc18b72506ebab10921b9de92c58a067ddf42255a9 Loading...

	#34 Eval - e78cf885951f47a47bf1efcd5c9cc1c1	2 B	2023-03-07 12:23	2024-11-22 03:41
Pretty Observations First Seen2023-03-07 12:23 Last Seen2024-11-22 03:41 Times Seen113 Hash e78cf885951f47a47bf1efcd5c9cc1c1 ec67d7c6954f3372c76fa2cbfb73d72f5ddf9827 ab8f46084b4fa0fc8261328a5a71af267b1d1f8fe229c63c751d02a2e996e0ec Loading...

	#35 Eval - 1a3fb918392cd5cd6941628d7f7e3d38	79 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 1a3fb918392cd5cd6941628d7f7e3d38 32961d1a087e96f6fb792f74daddf93055f6efcc 5d54d18301d1096c8d36c95a218acb5ad2f2c292697ef7f6c01259d1db22c926 Loading...

	#36 Eval - 94fed6cbda78ea742096981199b28469	184 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 94fed6cbda78ea742096981199b28469 f814fb70ad8b8bbc758fb44788fe99c88ba4a890 92f9168d5170a6c2e2b44effae1593fbe8f597d273551b59eea800bb8a348983 Loading...

	#37 Eval - bae3f90cb000352645e35fad60da411c	35 B	2023-03-07 01:02	2024-11-25 02:37
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-25 02:37 Times Seen42125 Hash bae3f90cb000352645e35fad60da411c 00023f94c170125b979cb1914925d06ab1abfbce 1e3606d95ce27d593157594820335681a9380f51a96147303cd8000e60a95e12 Loading...

	#38 Eval - bb72e129d9a2235a2764076efdf9ce98	31 kB	2024-08-31 18:59	2024-10-11 08:47
Pretty Observations First Seen2024-08-31 18:59 Last Seen2024-10-11 08:47 Times Seen10 Hash bb72e129d9a2235a2764076efdf9ce98 001a9c8ee635030f5e53144e432fffb4ad5f334c fada96d99565f27c0749dcfba771f2eb552bc0f76e98b2b88153a8bbe548cb8b Loading...

	#39 Eval - 5f02f0889301fd7be1ac972c11bf3e7d	2 B	2023-03-10 06:52	2024-11-12 13:38
Pretty Observations First Seen2023-03-10 06:52 Last Seen2024-11-12 13:38 Times Seen52 Hash 5f02f0889301fd7be1ac972c11bf3e7d 600ccd1b71569232d01d110bc63e906beab04d8c 959a45d44e6fcf58361ed004681556fe50129f2109e817dec098c00c9e5d2578 Loading...

	#40 Eval - 64de192ee583a4494c5d9d15d3b63c32	482 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 64de192ee583a4494c5d9d15d3b63c32 6c85201ec7cecf40507ca6964ade93c4e1396c7e 6ce781b1c0fd3456b810ddde36a3adb68e8d62670b7cd20842a5c996efbe5caa Loading...

	#41 Eval - d60ddeb7115b41880f1bfc4d2090bcd5	85 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash d60ddeb7115b41880f1bfc4d2090bcd5 74aa6a44c8de934c25ef39348bd86d6cb81007f8 5d256d1ca77a05416a7a0148b366a68adc2c40e4fd22cc0aa3c88a928d0ca08d Loading...

	#42 Eval - 6b0939c662f608155ded69796e7fda00	52 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 6b0939c662f608155ded69796e7fda00 31ad14b2eef4e2b2673cdc7707847041993efc76 0a87296b2af6342b5850f2d536875f3c91e54342dc132f6dfa7ae68b29e0bb6c Loading...

	#43 Eval - d288c27f6f432c40e89f6df08249db19	66 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash d288c27f6f432c40e89f6df08249db19 e2f30f7fcaacc26ac70e1602f9804279243ca530 0d0d22f51a8e892a54b9585b46828987bbb33ad93a01166ae5894b5791da218f Loading...

	#44 Eval - d20caec3b48a1eef164cb4ca81ba2587	1 B	2023-03-07 01:02	2024-11-22 04:53
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-22 04:53 Times Seen5970 Hash d20caec3b48a1eef164cb4ca81ba2587 d160e0986aca4714714a16f29ec605af90be704d 72dfcfb0c470ac255cde83fb8fe38de8a128188e03ea5ba5b2a93adbea1062fa Loading...

	#45 Eval - 5640486daa6880d667b76c958820361a	2 B	2023-03-26 06:46	2024-10-28 20:10
Pretty Observations First Seen2023-03-26 06:46 Last Seen2024-10-28 20:10 Times Seen67 Hash 5640486daa6880d667b76c958820361a 40b25eac438260c9ad4e3142adc38a8d0885e5f3 4e1195df020de59e0d65a33a4279f1183e7ae4e5d980e309f8b55adff2e61c3e Loading...

	#46 Eval - d26fcd9acea8c1c2ecfc11fd4b67a62f	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash d26fcd9acea8c1c2ecfc11fd4b67a62f e3823e5581912a337e9f5442384792a85ac27a24 16c0582ad23793cf3956ac49d90cebadb84569583cd20f1cd432fcaad916a119 Loading...

	#47 Eval - bdbb4f5d421cb1f846bfae9c7aa8f797	246 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash bdbb4f5d421cb1f846bfae9c7aa8f797 0c53a0502347b2605ecbd28aaf0f4b7d859ec29a 250e47d5f1d76c4d7323fd3ace38ce45eb7a5bedc7d38a28a85ebe5c8d9f2ec8 Loading...

	#48 Eval - 165983cdf105ac6e8987d8d71a154c60	54 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 165983cdf105ac6e8987d8d71a154c60 cf40d8886996251399dcad673eb1391fa0567fde f3da3d3d67b4d9e202fac8e0283945ad942ff02550fb61ead5f6bfc7c9c85c2c Loading...

	#49 Eval - 2e635107510edc411a2b54102b7c164b	76 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 2e635107510edc411a2b54102b7c164b fba13d24f0898281128476827515f31bec72b7d4 9278502a254b33da8f3dfdae3998e364598513b90424db4583fc14d0eb9ebe2b Loading...

	#50 Eval - eba0667a375ffb306f64875dcc09663e	94 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash eba0667a375ffb306f64875dcc09663e fa4565396ec2200f8a4a58bf72bc3301aabc774d 929d3680f1d8f91da8ff64393d4d9aabd65b63f01ff7a4b76d241aebe7e8f952 Loading...

	#51 Eval - 21de26caa6bcfc936378c4e45d235bd9	2 B	2023-05-10 09:38	2024-10-11 08:51
Pretty Observations First Seen2023-05-10 09:38 Last Seen2024-10-11 08:51 Times Seen422 Hash 21de26caa6bcfc936378c4e45d235bd9 07a65dd6489a00292c1aedf7d46981d92654f653 6ee2cc105a67743140cf7e4ac3486675272a77d64b48ccb066d5f3d5bc620be5 Loading...

	#52 Eval - acc87114246b41f3564867a950a18cd5	76 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash acc87114246b41f3564867a950a18cd5 c3a4329258f9bce084d7f8009dee617f2259a5dd f03c7238d45155e7274007777a2e53021c81afa3935234472d440a5ffb1255b2 Loading...

	#53 Eval - 7cfa770bc4fe4c767627b258b5ba6a6b	129 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 7cfa770bc4fe4c767627b258b5ba6a6b 8312b16a075d5555ecbcdf52c872cbe4b64b503f 991f3af050364478d1d389a72ecc3a2dbe9cc0bfd3547b986f5aa8c948ed04cf Loading...

	#54 Eval - 37a6259cc0c1dae299a7866489dff0bd	4 B	2023-03-07 01:02	2024-11-25 02:37
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-25 02:37 Times Seen47487 Hash 37a6259cc0c1dae299a7866489dff0bd 2be88ca4242c76e8253ac62474851065032d6833 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Loading...

	#55 Eval - 93b0fee7d317a5b10fe75d8eddf20623	59 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 93b0fee7d317a5b10fe75d8eddf20623 8592ad468c2095d156d7f5d817f9b81b2152e65b ef4ec094ddcd0d96ec6cfb297728827370151596b53cae4365c16959f7466735 Loading...

	#56 Eval - 48333a64ed78da919a122251c0317ca8	25 kB	2024-05-21 01:20	2024-10-11 08:47
Pretty Observations First Seen2024-05-21 01:20 Last Seen2024-10-11 08:47 Times Seen12 Hash 48333a64ed78da919a122251c0317ca8 478412e3f8a3b38b52e4a91151d23650192f1a42 bc7a425ce74bee14ba2ed9f1046209502b47d230871c0dcc096205caf700689f Loading...

	#57 Eval - 4e235a3a71ed4c19864e179fde792f77	25 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 4e235a3a71ed4c19864e179fde792f77 33e3ce2f54579817ae506e10ae17cebb8bab951c bc14baab56c93b501c7828748ae811221b7ecb69a29f89f58d4edf8e862267f5 Loading...

	#58 Eval - 2ab5564b805d8065f4bcf81060472746	2 B	2023-05-24 11:04	2024-10-12 13:51
Pretty Observations First Seen2023-05-24 11:04 Last Seen2024-10-12 13:51 Times Seen43 Hash 2ab5564b805d8065f4bcf81060472746 4ffa4b4f16536b6cd9c214ad709217c8062bcc99 b82e2178ecf4d0c5859dc2e169d7fed8673f9f6eeb9f3591bed5f253b7742408 Loading...

	#59 Eval - f9b546c7c128df8f0c0cb72a40ce161e	136 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash f9b546c7c128df8f0c0cb72a40ce161e 7fdfab47ea2c93f36326c35a7969b7903c4d0eee 4c2c6702ace0f33ffeab76b62365130a27a0f2eacc0ae1d707359c5b11d8ffe4 Loading...

	#60 Eval - 0d80d99d7f209071a284c9ab6d14accf	83 B	2023-03-07 01:02	2024-11-25 02:37
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-25 02:37 Times Seen42259 Hash 0d80d99d7f209071a284c9ab6d14accf c91e7389c28a7b35eeb114484808a20cddb8c20e 0cb21d1de060008bab472c15c63e6f15828de601f85deff00d701d26c0f6819a Loading...

	#61 Eval - f970e2767d0cfe75876ea857f92e319b	2 B	2023-03-07 13:57	2024-11-18 18:37
Pretty Observations First Seen2023-03-07 13:57 Last Seen2024-11-18 18:37 Times Seen796 Hash f970e2767d0cfe75876ea857f92e319b df211ccdd94a63e0bcb9e6ae427a249484a49d60 f4bf9f7fcbedaba0392f108c59d8f4a38b3838efb64877380171b54475c2ade8 Loading...

	#62 Eval - d292a646965005dcfcc746a0c228d7d0	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash d292a646965005dcfcc746a0c228d7d0 fbe13b90de0ecfd77c7e8861ab656bfcd333b01e 17feec3a02d415ca83fadd6a0e660fbac3ba3166308b84bb7f48ac8fad8cb268 Loading...

	#63 Eval - 9bd1a2a9d4e7c2964d32c1c097fa16cc	131 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 9bd1a2a9d4e7c2964d32c1c097fa16cc aa4209dac34095b3f2faebea594910e78157e302 2c0fe1402b000bf9511910cadfed0de304a9af75832988278950f42e47b49c04 Loading...

	#64 Eval - c1accf7c5dbdecaffa1c5b9cfc3d2667	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash c1accf7c5dbdecaffa1c5b9cfc3d2667 fae092acbb561ae127b1ae895888c5a6e982a852 4ce3fda96aa1e6f31a4454838df1ee42c64cbda5e12d424dd9eaa305c48ec226 Loading...

	#65 Eval - 12e09481f9edfbdbd63312850dcf21f8	22 B	2024-09-19 16:06	2024-10-15 06:57
Pretty Observations First Seen2024-09-19 16:06 Last Seen2024-10-15 06:57 Times Seen1153 Hash 12e09481f9edfbdbd63312850dcf21f8 c4449d57370a72e8cdae261691e2060cc3fcb20f 564d5103f7576b22a35d306373ea15b37e992f434335d9ed3b8e7103720bb941 Loading...

	#66 Eval - 4b43b0aee35624cd95b910189b3dc231	1 B	2023-03-07 01:42	2024-11-22 04:53
Pretty Observations First Seen2023-03-07 01:42 Last Seen2024-11-22 04:53 Times Seen6761 Hash 4b43b0aee35624cd95b910189b3dc231 4dc7c9ec434ed06502767136789763ec11d2c4b7 454349e422f05297191ead13e21d3db520e5abef52055e4964b82fb213f593a1 Loading...

	#67 Eval - b546ba636b5f491fe6714811fb81931f	94 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash b546ba636b5f491fe6714811fb81931f ad711f2a7d6197935bcbf1d1bd81e6e0a9cdffb5 10a44e77b7b32ae07a552c43e9a080c82579e9ecad4cbfcb9c4341c036f8c350 Loading...

	#68 Eval - 2240caeb501f84e97335864d16b058d5	164 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 2240caeb501f84e97335864d16b058d5 45f989df2012b957ed5100f3a4a8c8c61c41a9c9 4e863987e593ba00b60f6d26a04a034dd9f56993e363e41ab08c4670cacefc71 Loading...

	#69 Eval - deeed1c3c8d640034ad3ad2b614fb847	49 B	2024-02-15 00:27	2024-11-19 16:09
Pretty Observations First Seen2024-02-15 00:27 Last Seen2024-11-19 16:09 Times Seen576 Hash deeed1c3c8d640034ad3ad2b614fb847 ad8647fee51f98b8ae2607c9e312c68870beb678 50e309c7fed7a0ace2185911b007c6834817bb5b5b74dd0aaeb761b1618b99de Loading...

	#70 Eval - 9c46e3fc6ed715cff38304fc7da04a27	22 B	2024-09-19 16:06	2024-10-15 06:57
Pretty Observations First Seen2024-09-19 16:06 Last Seen2024-10-15 06:57 Times Seen1158 Hash 9c46e3fc6ed715cff38304fc7da04a27 69ce72edbc1a5fc9d033e5edbc0e6fb491c4ebd8 e0e4409feac6d2f27054c4b2459df9ba4d0285b4bfaed491b2ee5b80b6b275da Loading...

	#71 Eval - 314da9c11905fa0644e13b5b169ef2f0	1.2 kB	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 314da9c11905fa0644e13b5b169ef2f0 905a7b76ae5a27d7904cd1d78c8b7b7863c42d87 623f4846b9fd5ed2a5b098d2e97f644761cf5b955540f7ef2efb876b1ccde2a3 Loading...

	#72 Eval - bd5b9339ec99c266f499db576dac4b75	79 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash bd5b9339ec99c266f499db576dac4b75 a757a1847738b88f9ceb6ae84e36cd1bc21eb016 fa8985e27f190624e223856edf38a75984058dfee7aecf7227e0fda633aea0e5 Loading...

	#73 Eval - 8cf6acab2b32d96143d389f3ec3f1f1b	132 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 8cf6acab2b32d96143d389f3ec3f1f1b 4ba8c9c00cbe6e1b1efa8b373ce1aa5db9aed34b f6f850fa5c617498e0ffbf7e4b11cc680555df8b89a94f5d7b63503948bc5a4a Loading...

	#74 Eval - da5c9bebe1a27f18a28e89b62b49ed61	253 B	2024-10-11 08:47	2024-10-11 08:47
Pretty Observations First Seen2024-10-11 08:47 Last Seen2024-10-11 08:47 Times Seen1 Hash da5c9bebe1a27f18a28e89b62b49ed61 88941c1d110c32986c3811957a3acbc20f739773 3bdfeaa91e91cbbaf41421da600df14e3b6abc598d20423eadd9f5f600f64262 Loading...

	#75 Eval - e22389dd541af625943f34756093b4c9	2 B	2023-03-08 14:33	2024-11-09 13:59
Pretty Observations First Seen2023-03-08 14:33 Last Seen2024-11-09 13:59 Times Seen487 Hash e22389dd541af625943f34756093b4c9 30e744e228185ab43d73eba023b037a4762f941f 6e21e796d1b752687a08d1111d761124a65228dcfaebe3193bf65ccf9264528c Loading...

	#76 Eval - 2a7de1f8bd5a82e46be3eeb3fb10ce13	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 2a7de1f8bd5a82e46be3eeb3fb10ce13 c5dfb43f3409cdaeeb99b651e1c3173e1c6ddcbc 4fe75878e960ed30295b37845816d204d4dc37869c8448397fae4df6655c8d39 Loading...

	#77 Eval - e78c6f3c3d72d406f864d2e95608c3df	79 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash e78c6f3c3d72d406f864d2e95608c3df 5f8e0f0af1f176e1f0585e18c43d93451e330809 03a5bb9c44649c19e2f08ce821d2a78206873ed32205f661fe9c7233e7a5772e Loading...

	#78 Eval - 4f0d52181df7f0466fc991d824f60897	107 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 4f0d52181df7f0466fc991d824f60897 6f378327588193152bf58c4745ecc42394d77341 ad165c1ae2281403a79292458075813e97403f4ac3d276a913446cc62b94429b Loading...

	#79 Eval - fdbd9537b854d1fe58bd5682d098f65b	354 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash fdbd9537b854d1fe58bd5682d098f65b 7a17d1cb70e2a9a0add2dbc64d93c535526ca239 f51542648f40dd1dd4aa39d0fb8588b18e27437bddaa8a30373d88ea56c42be6 Loading...

	#80 Eval - 9804664e618f6ad239cdccf1f7cc2a13	155 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 9804664e618f6ad239cdccf1f7cc2a13 b31b8d205a44c99a544eb2b51d50ab4e1dcf2087 e03d1bdb339e8aa7e6d2fb946b261f95ad26044b2de6881fa88f8f58847a21d3 Loading...

	#81 Eval - 79bbad6eda8dac5c91709592c11d3c16	415 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 79bbad6eda8dac5c91709592c11d3c16 f1962a35f63f821a73f9c7da1b7a450584ef2af1 5d1bbc880bc5de6e640eaf3c24ff2dfada5df38246272862194cf3e17a612341 Loading...

	#82 Eval - 511685e91c0f0ede4ee828d4fc7f5922	297 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 511685e91c0f0ede4ee828d4fc7f5922 522f66bc6d433886244ea12ff2871fd91f8902d0 c088e44a416c1a3fea5effd76b28639086d2c9cc5c2592c972ea3433ecdde720 Loading...

	#83 Eval - 24cc3dc813f384fde380df619f1525cb	19 B	2023-03-07 01:02	2024-11-25 02:37
Pretty Observations First Seen2023-03-07 01:02 Last Seen2024-11-25 02:37 Times Seen37930 Hash 24cc3dc813f384fde380df619f1525cb 56399e3ce57ff98d68c7de98a563e572230dff6b 5421715bbdaf2550e31d10fc28d444310a8fe7147bbddecf0abb490358a1553b Loading...

	#84 Eval - 3bdd637c21e5905321405953fbd4c2ad	2 B	2023-03-13 14:24	2024-11-22 03:21
Pretty Observations First Seen2023-03-13 14:24 Last Seen2024-11-22 03:21 Times Seen198 Hash 3bdd637c21e5905321405953fbd4c2ad cf465c5d8aaaf7360445970f994331165615b37b 217375b7503b126e9d49d825cd11e745e44f4e6ec26b02c7c5ff71ae1d22b22b Loading...

	#85 Eval - 0f7ddb62742636b6ed9c179c6b736a6b	57 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 0f7ddb62742636b6ed9c179c6b736a6b a0abb8ef93bb31b87002d1eb98436a99fc97c398 6e86926b875188080147e480aabae93f26a5dbd17f635271ef2bc9c530ec0d2f Loading...

	#86 Eval - 693736b93bc82a6385bd760bf9f797cf	524 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 693736b93bc82a6385bd760bf9f797cf aec46f83af3b4a5d3885b327b2867a0d7e5663db 881967fe3426092102b71f0ba61f2d9ad6c691b627d17c3e3c89d3dfbe529f76 Loading...

	#87 Eval - 100844cac8fb76f538295dcac19d9a9b	233 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 100844cac8fb76f538295dcac19d9a9b ccaa13cf8b13910540f6e6bf6914df6fe67168c4 5d0b3340d311fedc48d8f89d41d2a5c514cc42e17f3a12e336ea66f0afeb9239 Loading...

	#88 Eval - 1580a01b7e00b59e286514ad17182898	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 1580a01b7e00b59e286514ad17182898 7a3d3c93b6b278d9e0c5f0b254224f0ffb4c0b5d 549756ea1a59de0e5d57976cd121cee9940110d0f1dcbb4df435e51d39bf26a1 Loading...

	#89 Eval - a76aad3e52c09ce49334b2265e56806a	324 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash a76aad3e52c09ce49334b2265e56806a 12b0d647000effa8f508a80df2f135a352b70a2d 5882855e6071670738a9e8342b5cbe514bb2ed53b7957d14c3af0177d65b413e Loading...

	#90 Eval - 0c03c9a40ffec4b4981e5bd76749e21b	301 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 0c03c9a40ffec4b4981e5bd76749e21b 8df0734fdba656fbadd59c72ed3ebffd4ebc5836 48a886a5b24e07c6fc19cb4c2750dbe16d77a20ca2c253fe7aaae17463dbf9c8 Loading...

	#91 Eval - 69691c7bdcc3ce6d5d8a1361f22d04ac	1 B	2023-03-07 01:15	2024-11-22 04:53
Pretty Observations First Seen2023-03-07 01:15 Last Seen2024-11-22 04:53 Times Seen6222 Hash 69691c7bdcc3ce6d5d8a1361f22d04ac c63ae6dd4fc9f9dda66970e827d13f7c73fe841c 08f271887ce94707da822d5263bae19d5519cb3614e0daedc4c7ce5dab7473f1 Loading...

	#92 Eval - a608b9c44912c72db6855ad555397470	2 B	2023-03-14 18:33	2024-10-11 08:51
Pretty Observations First Seen2023-03-14 18:33 Last Seen2024-10-11 08:51 Times Seen311 Hash a608b9c44912c72db6855ad555397470 f0a1ce6f80112d72f7276457fd261d671b827567 0e6ba33f8bc8f41515b9d77c0e27c07ad66f2ae9b09dd7561729d6cd4d27c292 Loading...

	#93 Eval - af69e868fa991aa709be0407b44303c2	2 B	2023-03-08 15:11	2024-10-11 08:51
Pretty Observations First Seen2023-03-08 15:11 Last Seen2024-10-11 08:51 Times Seen561 Hash af69e868fa991aa709be0407b44303c2 71c61b37a1fb8e1a7e4ac03baa0e5464f63ebf15 688c5a4a65af33d6ddb7a8cb8e0d934e42d0f417a1b0fb6f755e050aa15a9dae Loading...

	#94 Eval - 3ba631fffaea4e75e98e53aa4cb972bf	75 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 3ba631fffaea4e75e98e53aa4cb972bf aa5601841f50be3120920050eb237924f499b54f acc6f47db22d8fd7893d5e9b01f452a72029ab8fe79c50babc96d3b8e3b90f52 Loading...

	#95 Eval - 429c90abe54ae25bf666b92823726520	22 kB	2024-10-11 08:47	2024-10-11 08:47
Pretty Observations First Seen2024-10-11 08:47 Last Seen2024-10-11 08:47 Times Seen1 Hash 429c90abe54ae25bf666b92823726520 24b296227bf849fd102e37212a642a14b891389c 471540f3592bd47cbb108ecfb0990eeca8355531d1a2dfd39da1d927b63b3b57 Loading...

	#96 Eval - 0ba64a0dea00947916dfb6a66866e1ca	2 B	2023-03-07 13:20	2024-11-12 13:38
Pretty Observations First Seen2023-03-07 13:20 Last Seen2024-11-12 13:38 Times Seen154 Hash 0ba64a0dea00947916dfb6a66866e1ca a9060bd5525711459bfd3fbd9a5d9658cfa6338a 309d20864f274b097f64106ec08fde76b42486d4e2f7165c7a9a233533dd8fc3 Loading...

	#97 Eval - 12eccbdd9b32918131341f38907cbbb5	2 B	2023-03-08 21:28	2024-10-11 08:51
Pretty Observations First Seen2023-03-08 21:28 Last Seen2024-10-11 08:51 Times Seen68 Hash 12eccbdd9b32918131341f38907cbbb5 c387c982a132d05cbd5f88840aef2c8157740049 3ac1ecbd2220c6757eb9f289fee88c4068c6791c5b0affef7644e77adfc97b45 Loading...

	#98 Eval - 6cac4e3c8c27e43c6c09c73b0c206842	538 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 6cac4e3c8c27e43c6c09c73b0c206842 b6a971b1700fb037777c1e95bfacdbf069220987 2155c91042f5eed8b02f08f38cb09e08b345e6a4b71a7cd17a758647237c3ee6 Loading...

	#99 Eval - 06748417b065c13881e019b020d09788	98 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 06748417b065c13881e019b020d09788 10dea130385ac44fc9c3e6980c5e1f56258f24da 9c70013c28f76b40792464b5b4b9f1c3cf3ccdf464d2f36e643a61c76ce24c45 Loading...

	#100 Eval - 81ef86acc3afc5328c6806d1ba9a6f87	141 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 81ef86acc3afc5328c6806d1ba9a6f87 40ac2a155da34c214ec791993f0a1e1d5579c02e 220f5a58464804fe388693d651cb551202374d59d853fcf6cc7bd7a7474399fe Loading...

	#101 Eval - ec60f334f1f4e6b812f5f11478195287	2 B	2023-03-07 16:58	2024-10-11 08:51
Pretty Observations First Seen2023-03-07 16:58 Last Seen2024-10-11 08:51 Times Seen423 Hash ec60f334f1f4e6b812f5f11478195287 301c0ba447218ae97253e0dfda680478b363c59f 751ec3d87173b82642d481f7f29fb45250d450d65d199f1bc9d9c2d684dcb6ea Loading...

	#102 Eval - 1651982e1ef59fbc3e9db66dbe7759d5	2 B	2023-03-10 11:14	2024-10-11 08:51
Pretty Observations First Seen2023-03-10 11:14 Last Seen2024-10-11 08:51 Times Seen1349 Hash 1651982e1ef59fbc3e9db66dbe7759d5 0c221b9f489dfeffc42254a5e00bed663eef7ff3 0bb404b255c8235d6d5113cc3e49262a99c374b16f16cd6bf2380052b091c876 Loading...

	#103 Eval - 533f4c9b5413d9ecbf6284f110a9789a	2 B	2023-03-07 12:03	2024-11-12 03:58
Pretty Observations First Seen2023-03-07 12:03 Last Seen2024-11-12 03:58 Times Seen161 Hash 533f4c9b5413d9ecbf6284f110a9789a 76884bd25765113ed02aea70bacc2a8910e6be17 c3c81c2b9a9ae9e358d68fc47dbc8596f19b420011e71c657d1616f14fb77917 Loading...

	#104 Eval - d33d9f4e33bf2ccbe668e4543701bce6	160 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash d33d9f4e33bf2ccbe668e4543701bce6 4d516ca846148427f2986253338cbaab047ed0f1 cf9a27c2169abd62ac7e8f9d1705d13df1a371858dd9132f903519789ae4273e Loading...

	#105 Eval - a0cff8439dec3c9330db2ab4d0e200c4	992 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash a0cff8439dec3c9330db2ab4d0e200c4 503bed56996dd631d234e2cb0069e59c6e0ead9e fa91744f7d79e7d31cf03015a4cff319b4d3b3be39baf37bc3d97792bd3f1b2e Loading...

	#106 Eval - 316e711c82258b2ac7ce33b24f209509	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 316e711c82258b2ac7ce33b24f209509 029c0e090f8aa10742b10c479b31c7171405106f 8b1ed18def1b40810e0fe45a7a93e2730209717ab7c5c35ce79749c5f37f323e Loading...

	#107 Eval - 47fba063c6dcccd8e5897f2cb2812bf7	138 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 47fba063c6dcccd8e5897f2cb2812bf7 2f657fcccdc3a4eb0520d7e229b41fb2421448a8 f5ae84dfeafbba3822bdd0252f917e98191e79f4296b59df5e462bf2d56e891b Loading...

	#108 Eval - df97eabb5ac87957efd6669b468cb63d	356 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash df97eabb5ac87957efd6669b468cb63d fd557598a3e95328bab1afd1dfa9ae997af53ce1 f5bd861a9234a8c2865dfc82bb9c4b538b0e1853c2e72f5822d2f4a57fa45b80 Loading...

	#109 Eval - 7fab19d21798991f682fe10461bb5d85	26 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 7fab19d21798991f682fe10461bb5d85 592442cb7eab8f35a616df85b0d99d3676612cb2 9ff43141cb4b583c3321bf94d63ac5f4cc87596c4a73cc501c2100103b5ec360 Loading...

	#110 Eval - 6f8f57715090da2632453988d9a1501b	1 B	2023-03-07 12:09	2024-11-22 04:53
Pretty Observations First Seen2023-03-07 12:09 Last Seen2024-11-22 04:53 Times Seen6267 Hash 6f8f57715090da2632453988d9a1501b 6b0d31c0d563223024da45691584643ac78c96e8 62c66a7a5dd70c3146618063c344e531e6d4b59e379808443ce962b3abd63c5a Loading...

	#111 Eval - beb08880e078ea47f8257ba107c5cee2	231 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash beb08880e078ea47f8257ba107c5cee2 9c26a45a80e4cffd147baf452c22ec470d511a1e e41bea5308e3de0ca8bf2bf3bd3066bd721bde337f32b5f3a350c674b81ecc86 Loading...

	#112 Eval - 59662f98d9901010d08e22f15d75aa99	62 B	2024-09-19 16:06	2024-10-15 06:57
Pretty Observations First Seen2024-09-19 16:06 Last Seen2024-10-15 06:57 Times Seen1148 Hash 59662f98d9901010d08e22f15d75aa99 b8f3ca4b7ee0d5cdb0e00ef156f1797f94ed857e 2d6165e2afbe4151c0864f1491258b3bd2303fce911664d9adef0da045ec635f Loading...

	#113 Eval - 023e7f30331e801928bbf96efb62d414	217 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 023e7f30331e801928bbf96efb62d414 f77217b5ea64932751b2c36555fd2c8eaeede121 f0748d9366384b59cba237a7d4bfa47a1b7044d5673337207d6840143718615b Loading...

	#114 Eval - e213815f8e0b9954f8d43e3a59f8b742	14 B	2023-03-07 01:11	2024-11-25 02:37
Pretty Observations First Seen2023-03-07 01:11 Last Seen2024-11-25 02:37 Times Seen2631 Hash e213815f8e0b9954f8d43e3a59f8b742 563796cb191f082f24fc52b017905533a0ceccc5 842c53eb438fb28e95c14d32423b0fe01bf557c9e623b684b19663d497bce97e Loading...

	#115 Eval - d50878e9e6a825e4e946b5504757f185	697 B	2024-05-15 03:30	2024-10-11 08:47
Pretty Observations First Seen2024-05-15 03:30 Last Seen2024-10-11 08:47 Times Seen4 Hash d50878e9e6a825e4e946b5504757f185 e4d714a00ead20b7079d8b3989f6cf449cc4fe7e 4661af2a1102d437be6149188d92d82b5e8991bf8e942d2ba0834250c0e44677 Loading...

	#116 Eval - 7c271f7145becf144fcb6a51b5bb9861	54 kB	2024-10-11 08:47	2024-10-11 08:47
Pretty Observations First Seen2024-10-11 08:47 Last Seen2024-10-11 08:47 Times Seen1 Hash 7c271f7145becf144fcb6a51b5bb9861 8ceb7b727a2b6612dcc806b11e89c10099db5268 a813b36f30b6620c366645c01e913ffcbbde70b21af1bff740419f1fa4d1d3c8 Loading...

	#117 Eval - e1c8d6afea4f32995079c2cbe83ca97b	576 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash e1c8d6afea4f32995079c2cbe83ca97b 474b59975fc7c357b82791bd8ad811361ce026b0 d0740c4a30059f2ef8af5027cca9372ddc4430fa5316315b2e7cd1fadcb5ab7e Loading...

	#118 Eval - e1671797c52e15f763380b45e841ec32	1 B	2023-03-07 01:15	2024-11-25 00:43
Pretty Observations First Seen2023-03-07 01:15 Last Seen2024-11-25 00:43 Times Seen5115 Hash e1671797c52e15f763380b45e841ec32 58e6b3a414a1e090dfc6029add0f3555ccba127f 3f79bb7b435b05321651daefd374cdc681dc06faa65e374e38337b88ca046dea Loading...

	#119 Eval - cc76ee1ba537bcac64070cf4a463c403	22 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash cc76ee1ba537bcac64070cf4a463c403 db95c9bd96d58cfbefe97427780a96dfab71702b bad5aebdbf93293db23414c4b46e92491ceae6ddcea910f3fd51a09faa80df2f Loading...

	#120 Eval - bbdb73ea1dd6c3e8a7a6ffdfd68146e9	26 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash bbdb73ea1dd6c3e8a7a6ffdfd68146e9 5140306576632a727d5041c77c3c19172b158c6f a5581b2597aa7d1fb8c59421f29b054f17e3f572fc4cf2527337faeb1a939171 Loading...

	#121 Eval - 5c63a41e3cfad5fbd609163d4c47e68c	253 B	2024-10-04 10:10	2024-10-11 08:51
Pretty Observations First Seen2024-10-04 10:10 Last Seen2024-10-11 08:51 Times Seen29 Hash 5c63a41e3cfad5fbd609163d4c47e68c 1c162a504caa943fda519769c1bb702b75ed79d7 1511965abfbfc8ef0c90d4414f36d319eb2246cf5ff83edf4f036421b10530db Loading...

		Size	First Seen	Last Seen
	#1 Write - 66445e4af5e1c7be2eb2dc0dfb5b7844	115 B	2024-07-25 15:25	2024-10-11 08:47
Pretty Observations First Seen2024-07-25 15:25 Last Seen2024-10-11 08:47 Times Seen4 Hash 66445e4af5e1c7be2eb2dc0dfb5b7844 5fac78796538177744ac297520cc646f246838f0 f597134f2b4c21584bfdcb801767b3c8947be0a75f790dfe9de8bdc1f5635e2b Loading...

HTTP Transactions (428)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
92a230cb5218879a64fe719acf75881c
7f7635dedaaca6b4b4ecb370b51df9538d7a7d0d
14ffc94e6280a14388fda9745042b01144374fd782cf089b48025a1316ecbd24

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "14FFC94E6280A14388FDA9745042B01144374FD782CF089B48025A1316ECBD24"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5066
Expires: Tue, 08 Oct 2024 19:32:20 GMT
Date: Tue, 08 Oct 2024 18:07:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
7338853386defad2f045b3bee05dd9c8
6aaf1269eb3b9e16629c1b20652ee2dbd12c7182
50b50dc294c0c33b05390bd82ad7a823a64b8c24a0de5b92b770e8cfd4e5259f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "50B50DC294C0C33B05390BD82AD7A823A64B8C24A0DE5B92B770E8CFD4E5259F"
Last-Modified: Tue, 08 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7596
Expires: Tue, 08 Oct 2024 20:14:30 GMT
Date: Tue, 08 Oct 2024 18:07:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
33985775df7b619cb33f4050d88c5fb9
cf0b2ff92cd2f7e12ce788a164a73d75dea5da83
b6db380f5eeb73aa56abf90afa43b52cc9f51b01f33ad1eefeccc473a41ffb86

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6DB380F5EEB73AA56ABF90AFA43B52CC9F51B01F33AD1EEFECCC473A41FFB86"
Last-Modified: Tue, 08 Oct 2024 11:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16816
Expires: Tue, 08 Oct 2024 22:48:10 GMT
Date: Tue, 08 Oct 2024 18:07:54 GMT
Connection: keep-alive

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0f68c735dbd66952eb1297c52e1a68
3f19611702976e684b5a4b30d174ac2c212892ae
44c1b3e69727b1930c77a4657e355e51dfbe3514e455cb6ace8dd3154475c465

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
31fc782bf1efb76a7251d3e45007b986
7cfef07644e0e4aad99bfa3dd10cf975f7c06f89
663061e811010828ed222146cbb81114a49ba635f6c6547f3601ae0c3de1409d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "663061E811010828ED222146CBB81114A49BA635F6C6547F3601AE0C3DE1409D"
Last-Modified: Tue, 08 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12920
Expires: Tue, 08 Oct 2024 21:43:14 GMT
Date: Tue, 08 Oct 2024 18:07:54 GMT
Connection: keep-alive

sofiahalbofanimeworld.blogspot.it/2021/06/httpsnftgoddess.html

216.58.207.193

302 Found

230 B

URL User Request GET HTTP/2
sofiahalbofanimeworld.blogspot.it/2021/06/httpsnftgoddess.html
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subjectmisc-sni.blogspot.com
Fingerprint7E:93:9C:A3:7B:16:7A:E5:A1:9A:FE:FA:00:80:34:53:10:BA:FF:6C
ValidityMon, 16 Sep 2024 09:15:24 GMT - Mon, 09 Dec 2024 09:15:23 GMT

File type
HTML document, ASCII text
Size
230 B (230 bytes)
Hash
192491be4ae01b79327f6292cde8af07
25e189ea1cf02d89c027f2b2c7878c2d432b33be
417b1ec0d13e6f8f83ca1e67685795eb814aff8b4a398634a3cf0b2f0a0c4939

HTTP Headers

GET /2021/06/httpsnftgoddess.html HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 08 Oct 2024 18:07:55 GMT
expires: Tue, 08 Oct 2024 18:07:55 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 230
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0f68c735dbd66952eb1297c52e1a68
3f19611702976e684b5a4b30d174ac2c212892ae
44c1b3e69727b1930c77a4657e355e51dfbe3514e455cb6ace8dd3154475c465

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fd0f68c735dbd66952eb1297c52e1a68
3f19611702976e684b5a4b30d174ac2c212892ae
44c1b3e69727b1930c77a4657e355e51dfbe3514e455cb6ace8dd3154475c465

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html

216.58.207.193

14 kB

URL
sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5293)
Size
14 kB (14305 bytes)
Hash
6022965d22026be0f7d4e33ad4d260d1
1d17e544d37e3cf404ca51fdfc3ccca6a7aae5cb
9a58d27bef213c15b7fba6ea62a68df54ee1d9fabc5fe10a0f6b709331230767

HTTP Headers

GET /2021/06/httpsnftgoddess.html HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 08 Oct 2024 18:07:56 GMT
date: Tue, 08 Oct 2024 18:07:56 GMT
cache-control: private, max-age=0
last-modified: Tue, 08 Oct 2024 18:07:24 GMT
etag: W/"053b09a58fb3fa48da08a5add2d5956d42ed5fbca9339234368421f010ba6445"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14305
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

sofiahalbofanimeworld.blogspot.com/js/cookienotice.js

216.58.207.193

2.0 kB

URL
sofiahalbofanimeworld.blogspot.com/js/cookienotice.js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Tue, 08 Oct 2024 18:07:56 GMT
expires: Tue, 15 Oct 2024 18:07:56 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
94d707c969e118e8df95d0756dbc7120
c00b42265319dbdfd4849b8f73a5508bf89f7f1b
5d5d2b5f59a26ad717eafa5afec760994667c7e7d3ed521aee34f5764c17ffa3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2d1c8b13ae701322b4d9fea5204ef498
e547f03c075da8039204bba14c49c5962943ad82
adbcfda5e8d44e7bb946d97135cb63206888a24ba56e7a9a25b9e4ab75589e51

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89b920519ce33893bcdccf39a4ff9175
d2abf464f450f75ec73bbdbc8f4ef2ed34647ce1
8f976933d31479aae7083e929c54d668d4a45084967695c83189216de234cdbf

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
84aaec4a51a7e8676005309bb6763eb0
2f2662b14487b0deb96f86d95ab2960c4e5ffbee
fa69ca1387df4350595cbd13ab4e29647bc078fd5c5a8ed41e4d8a6b028367f1

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
aa746f2452828a39148ef2ed129c14f6
aab2904047696ac367e2bfc0ffb1ba44c9c84256
5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 08 Oct 2024 20:12:34 GMT
Date: Tue, 08 Oct 2024 18:07:56 GMT
Connection: keep-alive

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109

216.58.207.226

200 OK

53 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109
IP
216.58.207.226:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (4006)
Size
53 kB (52829 bytes)
Hash
6c5618382c700d12a02e271293eecc77
0fcb337a73da8e383d567070f1ac680224b9e3da
2c3ab0b27f010a9c8d01cc3648eaf90b2a78bdc52ebf519416564dbe92fab2a2

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sofiahalbofanimeworld.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:56 GMT
expires: Tue, 08 Oct 2024 18:07:56 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 14440473105800661611
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

142.250.147.191

200 OK

7.8 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Oct 2024 13:49:51 GMT
expires: Mon, 06 Oct 2025 13:49:51 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 05 Oct 2024 22:49:31 GMT
content-type: text/css
vary: Accept-Encoding
age: 188285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6efa3791e8c2d629bc3a7467d87b6e0a
444db2854c2ed59dd45c4619cd53ab3e885eb90f
4712d2c048017970e010bba016607bba52f6de29e6dec5b5b5b6071add25ecbf

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/img/blogger_logo_round_35.png

142.250.147.191

200 OK

2.5 kB

URL GET HTTP/2
www.blogger.com/img/blogger_logo_round_35.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2531 bytes)
Hash
838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

HTTP Headers

GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 06:32:19 GMT
expires: Mon, 14 Oct 2024 06:32:19 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 04:51:09 GMT
content-type: image/png
age: 128137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

resources.blogblog.com/img/icon18_email.gif

142.250.147.191

164 B

URL
resources.blogblog.com/img/icon18_email.gif
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 13
Size
164 B (164 bytes)
Hash
36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

HTTP Headers

GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:12:40 GMT
expires: Mon, 14 Oct 2024 00:12:40 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 23:56:30 GMT
content-type: image/gif
age: 150916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

resources.blogblog.com/img/icon18_edit_allbkg.gif

142.250.147.191

162 B

URL
resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:54:14 GMT
expires: Mon, 14 Oct 2024 00:54:14 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 16:50:46 GMT
content-type: image/gif
age: 148422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
aa746f2452828a39148ef2ed129c14f6
aab2904047696ac367e2bfc0ffb1ba44c9c84256
5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 08 Oct 2024 20:12:34 GMT
Date: Tue, 08 Oct 2024 18:07:56 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
aa746f2452828a39148ef2ed129c14f6
aab2904047696ac367e2bfc0ffb1ba44c9c84256
5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 08 Oct 2024 20:12:34 GMT
Date: Tue, 08 Oct 2024 18:07:56 GMT
Connection: keep-alive

www.blogger.com/static/v1/widgets/3650705295-widgets.js

142.250.147.191

51 kB

URL
www.blogger.com/static/v1/widgets/3650705295-widgets.js
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (4279)
Size
51 kB (51416 bytes)
Hash
a07ab2548bced4c8b1431455cdd020cd
8ad54e7e2ba4de4d1e7afaca52306c0a81ae40ac
b7f75b19ecc538a84719f23ac5693033d53ab02ce0c097d6b4d12b5e920a592e

HTTP Headers

GET /static/v1/widgets/3650705295-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 03:28:22 GMT
expires: Tue, 07 Oct 2025 03:28:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 00:56:47 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 139174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/js/platform.js

142.250.74.110

24 kB

URL
apis.google.com/js/platform.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
24 kB (24114 bytes)
Hash
50047d1ce3a78337b656b202c5c15bc2
2dc8fa917230eff7e1ef9a6863129e311ed81811
40c902b93901973c7f42e026b5c79b99ce6d71e5db1d48aa5d67a9e46c0bfd70

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24114
date: Tue, 08 Oct 2024 18:07:56 GMT
expires: Tue, 08 Oct 2024 18:07:56 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "45dfd97a5df6ac68"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js

142.250.147.191

6.7 kB

URL
www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (2168)
Size
6.7 kB (6748 bytes)
Hash
8690028a2d583da1be43200c873f4aca
832d7d2341b244672eff2a3b6d4319ba0f569ddb
6a0af73d8aca10ba21b96c1a708c2effd53397bcb7797092280089818d640cb3

HTTP Headers

GET /static/v1/jsbin/1466990918-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 18:49:05 GMT
expires: Sun, 05 Oct 2025 18:49:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Oct 2024 20:57:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 256732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
276e47a84d856c6ed847d4a0ab88f7da
d5f8a014071eec17d7ed34bd7a3ef47c6ffdf241
4ec634b657240ded8e8208629b2c2a49932858404c9110b651e77d9b52a5b767

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89b920519ce33893bcdccf39a4ff9175
d2abf464f450f75ec73bbdbc8f4ef2ed34647ce1
8f976933d31479aae7083e929c54d668d4a45084967695c83189216de234cdbf

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
89b920519ce33893bcdccf39a4ff9175
d2abf464f450f75ec73bbdbc8f4ef2ed34647ce1
8f976933d31479aae7083e929c54d668d4a45084967695c83189216de234cdbf

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e141a0e4f3ddbf1a44bad021b80b8a74
6e9699bcef2091a340b3575c8a7b1e9d41f02300
3c3d0dbac89213db6cabd0e901c288db7b9cb43191f3aa52df120d81fc7f5be5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/google_top_exp.js

216.58.207.226

200 OK

42 B

URL GET HTTP/3
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
216.58.207.226:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
ASCII text
Size
42 B (42 bytes)
Hash
7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Tue, 08 Oct 2024 04:52:43 GMT
expires: Tue, 22 Oct 2024 04:52:43 GMT
cache-control: public, max-age=1209600
age: 47714
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

63 kB

URL GET HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.apis.google.com
Fingerprint48:CD:F5:D1:F3:78:A1:83:0F:BC:5E:CA:CA:2A:0A:CB:D2:70:8D:83
ValidityMon, 16 Sep 2024 09:36:21 GMT - Mon, 09 Dec 2024 09:36:20 GMT

File type
JavaScript source, ASCII text, with very long lines (1885)
Size
63 kB (62924 bytes)
Hash
40ce8d1c9624826c3de087c8478ab7c1
646063e4267ae4385bedb0639f8bc6dd8b71c236
4966fc59206429f3408775b228c28beb1d80818fdddad27cc678ac34c01e5ab0

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 62924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 21:38:11 GMT
expires: Tue, 07 Oct 2025 21:38:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 73786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png

142.250.147.191

200 OK

144 B

URL GET HTTP/3
resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 1 x 590, 8-bit/color RGBA, non-interlaced
Size
144 B (144 bytes)
Hash
4ba06844286b94adfc8ad7bc8a8fde94
9e1fa0c37abf7c05300b90f8938dd2458409a35e
909a47a95386ffd0420ff44c0f1278a3259b918b1bc8213afa97ad6a4bb5bb58

HTTP Headers

GET /blogblog/data/1kt/ethereal/white-fade.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:59:24 GMT
expires: Mon, 14 Oct 2024 00:59:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 00:56:47 GMT
content-type: image/png
age: 148113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/share_buttons_20_3.png

142.250.147.191

5.1 kB

URL
www.blogger.com/img/share_buttons_20_3.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
Size
5.1 kB (5080 bytes)
Hash
ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

HTTP Headers

GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Oct 2024 04:04:42 GMT
expires: Wed, 09 Oct 2024 04:04:42 GMT
cache-control: public, max-age=604800
last-modified: Wed, 02 Oct 2024 02:57:38 GMT
content-type: image/png
age: 568995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a0d69276851bfad2eebed7e2a9330f11
9a724d7993535d45321696d5b548a6729b1da82e
21f44a99f08b4c0d2977a95a70b8295bb31444abba7206cf0f8342463244a8cc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "21F44A99F08B4C0D2977A95A70B8295BB31444ABBA7206CF0F8342463244A8CC"
Last-Modified: Tue, 08 Oct 2024 05:54:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5092
Expires: Tue, 08 Oct 2024 19:32:49 GMT
Date: Tue, 08 Oct 2024 18:07:57 GMT
Connection: keep-alive

themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3

142.250.74.97

43 kB

URL
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 1515 x 971, 8-bit/color RGBA, non-interlaced
Size
43 kB (42869 bytes)
Hash
05d2738b4dc90530c7cfab2ec6a780bd
f156f3f4d6b41803bcb8704a01e38623098f09af
919e34ec42b0b8a6f9754b9e33f9faba1c20a79bc151cc03009fc0e2bb17a922

HTTP Headers

GET /image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 09 Oct 2024 18:07:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:07:57 GMT
server: fife
content-length: 42869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com&bust=31087854

216.58.207.226

140 kB

URL
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com&bust=31087854
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (2868)
Size
140 kB (139507 bytes)
Hash
97ce159644306e6e870b4bc13d7308cb
33e21e8f3a6a44169d3c0c0b9edfb4d75db6f934
92af73573df1feda56905c8d993a32aebb8c1b0ba86f3aed3879b48f8bdbd021

HTTP Headers

GET /pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com&bust=31087854 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:57 GMT
expires: Tue, 08 Oct 2024 18:07:57 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15614900263851016558
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 139507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.surdotly.com/js/Surly.min.js

54.173.41.122

200 OK

1.7 kB

URL GET HTTP/2
cdn.surdotly.com/js/Surly.min.js
IP
54.173.41.122:443
ASN
#14618 AMAZON-AES

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerLet's Encrypt
Subjectcdn.surdotly.com
FingerprintBC:2D:3E:AC:D0:B7:72:18:57:A7:AF:0E:DA:2A:74:2C:D6:74:16:8F
ValidityFri, 13 Sep 2024 03:02:16 GMT - Thu, 12 Dec 2024 03:02:15 GMT

File type
gzip compressed data, from Unix
Size
1.7 kB (1708 bytes)
Hash
57ce189cead29ddc70a1fcc0fb957038
bf00c8758608ec387fa7f59a78f5f29098007d95
c929b37f69ab1491456560a01f8cc9c1a3a1822b31bdac68abb49196ea23edb6

HTTP Headers

GET /js/Surly.min.js HTTP/1.1
Host: cdn.surdotly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 08 Oct 2024 18:07:57 GMT
content-type: application/javascript
last-modified: Mon, 13 Jun 2022 04:23:22 GMT
vary: Accept-Encoding
etag: W/"62a6bbba-b7a"
expires: Thu, 07 Nov 2024 18:07:57 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

draft.blogger.com/img/logo-16.png

142.250.147.191

200 OK

279 B

URL GET HTTP/3
draft.blogger.com/img/logo-16.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
279 B (279 bytes)
Hash
5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

GET /img/logo-16.png HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 03:05:00 GMT
expires: Mon, 14 Oct 2024 03:05:00 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 02:53:58 GMT
content-type: image/png
age: 140577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300

162.0.208.108

1.5 kB

URL
ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300
IP
162.0.208.108:0
ASN
#22612 NAMECHEAP-NET

File type
JavaScript source, ASCII text, with very long lines (1162)
Size
1.5 kB (1515 bytes)
Hash
cbf40941d23514c2ed0b4e1a9a684d53
726f9e6c27235167b2660d5f09fd7742ed92c2a4
ac789051ece5497e4b8cb9d083778a8f01101fa0f0c0e952c5e55a2d77a71816

HTTP Headers

GET /ad.php?ref=sofiahalbof&width=300 HTTP/1.1
Host: ad2bitcoin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 08 Oct 2024 18:07:57 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1515
Keep-Alive: timeout=5, max=50
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997

142.250.147.191

19 kB

URL
draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (41165)
Size
19 kB (18793 bytes)
Hash
dec375d633de3c3536b9252a45a8eb8c
4ecad9e450dbd9afb174174cb74ce83012635781
7daa855cdd9f2b130214eaafc9cac276d481374b6bf794680549cbcc3fabb87d

HTTP Headers

GET /comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997 HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:07:57 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-5XDFuXZ_eVHAH3mWln8J0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/BloggerCommentUi/web-reports?context=eJzjamHU4pJiCNSQYqh138lUfmUn0x2NXUyvgDiydBdTOhA7vbrJJNN7i-nxlFtMz9ufMX0DYomvL5lkgDhdbQZrLhA7pc9gdQPi1pvnWDuB2PbWedakf-dZ04D4h8dFVjbPi6yGCpdYTYFYtecSqyYQp-ZcZi2SuMJaBsRCPBx_X07dwSawYPGau4xKSkn5hfFJOfnp6alFpZnFqUVlqUXxRgZGJoYGBhZ6BgbxBQYABzJI5g"
content-encoding: br
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=518=HksEWjs674RZ52HCn5HapATJrxB4mXofTfeyO_PfYxivPNoN37dejROuMD3zRgwbkNxceEwDLQppWQDFR73SeWrkdoA-D7ZygdawwGoZmdg9KFuH2VQeCXJdEL4KQSQJFirrMdj7V4BC0rVSbIW99QxSeVZg-tJlVCazfdZMJA3uHPVZ407IqYW9jvWTnEeRKcmAuw; expires=Wed, 09-Apr-2025 18:07:57 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5

142.250.147.191

21 B

URL
draft.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5 HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:07:57 GMT
last-modified: Tue, 08 Oct 2024 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__

142.250.147.191

2.2 kB

URL
draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1963)
Size
2.2 kB (2237 bytes)
Hash
b32b3cf64363c5f7ff56e749b3532804
a15ce289261c989a1943c6c4559d4c26ae5dd6e6
9f7ce6653b7c3e57a03e5caaf8ed1b8148f08a20fefbffb80f3c067fe74cf11a

HTTP Headers

GET /navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__ HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2237
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F06%2Fhttpsnftgoddess.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&dt=1728410877047&bpp=6&bdt=397&idt=621&shv=r20241003&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2744203537539&frm=20&pv=2&u_tz=0&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795921%2C95343328%2C95343454%2C31087854%2C95335245&oid=2&pvsid=4299491734340984&tmod=700914866&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=665

216.58.207.226

46 B

URL
pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F06%2Fhttpsnftgoddess.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&dt=1728410877047&bpp=6&bdt=397&idt=621&shv=r20241003&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2744203537539&frm=20&pv=2&u_tz=0&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795921%2C95343328%2C95343454%2C31087854%2C95335245&oid=2&pvsid=4299491734340984&tmod=700914866&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=665
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
HTML document, ASCII text, with very long lines (603), with no line terminators
Size
46 B (46 bytes)
Hash
2c739853e3edfa26869416e3d4e5d369
c263dc1c36c954b252bc7e775e6e82865d9b29b8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

HTTP Headers

GET /pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F06%2Fhttpsnftgoddess.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&dt=1728410877047&bpp=6&bdt=397&idt=621&shv=r20241003&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2744203537539&frm=20&pv=2&u_tz=0&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795921%2C95343328%2C95343454%2C31087854%2C95335245&oid=2&pvsid=4299491734340984&tmod=700914866&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=665 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Oct 2024 18:07:57 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg

142.250.74.97

200 OK

25 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 500x504, components 3
Size
25 kB (24947 bytes)
Hash
4112a2265f97c15c59d8c48c0d07e556
0ee3839d780347edf08fd5f4a52388dd46bc3ad2
74477a6ab562eaaf23b770ae8a9bb469444d9e2a09fe75a229c163593e2ad518

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Wed, 09 Oct 2024 18:07:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).jpg"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:07:57 GMT
server: fife
content-length: 24947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png

142.250.74.97

200 OK

19 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
PNG image data, 627 x 348, 8-bit/color RGB, non-interlaced
Size
19 kB (19422 bytes)
Hash
08b8c241415eb845471a6cdc24e86d3d
4a67fd9185985c5eb0f690a81e4723e9fd10991e
e20d7cd5eded37c6539062e9a67b2674b0c52f8149c9880c8ea6ca366fe7df00

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v358"
expires: Wed, 09 Oct 2024 18:07:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_p9sx9t6ITy1tji7wmo1_640.png"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:07:57 GMT
server: fife
content-length: 19422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

resources.blogblog.com/img/anon36.png

142.250.147.191

1.7 kB

URL
resources.blogblog.com/img/anon36.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced
Size
1.7 kB (1654 bytes)
Hash
106b75877485647b4b5618523f541732
c19e26c01d2972a4c895c3688c735158785620c7
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22

HTTP Headers

GET /img/anon36.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:19:24 GMT
expires: Tue, 15 Oct 2024 11:19:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: image/png
age: 24513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

i.ibb.co/VBhTMj3/test-gif.gif

162.19.58.160

66 kB

URL
i.ibb.co/VBhTMj3/test-gif.gif
IP
162.19.58.160:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 300 x 250
Size
66 kB (66345 bytes)
Hash
026bb41d0a36841a988d5cab62b49856
98df61d799588c1f1a1ca57c3187fe41ac77727c
4eed8531ef11c31bf4e63b91c0489c7ff9d8797f05730676348b6b64551ba1a4

HTTP Headers

GET /VBhTMj3/test-gif.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:57 GMT
content-type: image/gif
content-length: 66345
last-modified: Wed, 11 Sep 2024 09:15:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ad2bitcoin.com/adqlt.php?ref=sofiahalbof&keycode=2350

162.0.208.108

190 B

URL
ad2bitcoin.com/adqlt.php?ref=sofiahalbof&keycode=2350
IP
162.0.208.108:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (734), with no line terminators
Size
190 B (190 bytes)
Hash
6917de894c0f4aa2a5a971363599816a
f6824c42f9ecaf120feaf2c41ce8f573a2d05964
c0dc2afbb0add942fbe7cf304fe186126ef4a3e82afbc79ef117c73711ff7720

HTTP Headers

GET /adqlt.php?ref=sofiahalbof&keycode=2350 HTTP/1.1
Host: ad2bitcoin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 08 Oct 2024 18:07:57 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 190
Keep-Alive: timeout=5, max=49
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

apis.google.com/js/platform:gapi.iframes.style.common.js

142.250.74.110

200 OK

24 kB

URL GET HTTP/3
apis.google.com/js/platform:gapi.iframes.style.common.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
24 kB (24124 bytes)
Hash
da40ef4242aa882fd89c4a6f4a1f8e66
36d4566e044021ff8d28325590594d15d4d26e91
5633f53e7c8ec0475172ac35923206b7623f0e148531b0774b93444da2dd240f

HTTP Headers

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24124
date: Tue, 08 Oct 2024 18:07:58 GMT
expires: Tue, 08 Oct 2024 18:07:58 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "123c7ff8bc76c11b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/am=BgABxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Ci4I5tuF7GR9x9Xv-Tm_waggq2A/m=_b,_tp

142.250.147.191

200 OK

67 kB

URL GET HTTP/3
draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/am=BgABxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Ci4I5tuF7GR9x9Xv-Tm_waggq2A/m=_b,_tp
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (1779)
Size
67 kB (67175 bytes)
Hash
c6697660fd379af0162c4fa460c5fbce
2367a37aa04e27b4abb0d804b23deabadcc844ce
2ef97fd3ab0ab18bcc3c8a164973d63a12ad71a8caccb22f87198c8515e3455b

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/am=BgABxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP3Ci4I5tuF7GR9x9Xv-Tm_waggq2A/m=_b,_tp HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 67175
date: Tue, 08 Oct 2024 18:07:58 GMT
expires: Wed, 08 Oct 2025 18:07:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 07 Oct 2024 23:05:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/icons_peach.png

142.250.147.191

907 B

URL
resources.blogblog.com/img/navbar/icons_peach.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
PNG image data, 46 x 20, 8-bit colormap, non-interlaced
Size
907 B (907 bytes)
Hash
3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

HTTP Headers

GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 22:20:57 GMT
expires: Mon, 14 Oct 2024 22:20:57 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: image/png
age: 71221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/arrows-light.png

142.250.147.191

200 OK

117 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/arrows-light.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced
Size
117 B (117 bytes)
Hash
25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

HTTP Headers

GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Oct 2024 21:30:28 GMT
expires: Sun, 13 Oct 2024 21:30:28 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 19:56:17 GMT
content-type: image/png
age: 160650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
da81b6afc914a427d8f8fc2ba6c2b76b
c1f69f03e9c0df9b7c6640df642fee4cdcac4030
07bde6aed89336db3dc9673efe04b7ef18f5d8caa0796a883fd5aa3e64f963ec

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "07BDE6AED89336DB3DC9673EFE04B7EF18F5D8CAA0796A883FD5AA3E64F963EC"
Last-Modified: Tue, 08 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7119
Expires: Tue, 08 Oct 2024 20:06:37 GMT
Date: Tue, 08 Oct 2024 18:07:58 GMT
Connection: keep-alive

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

47 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JavaScript source, ASCII text, with very long lines (1885)
Size
47 kB (46988 bytes)
Hash
2f6e0ceb03cb60762a83e5514b7fbd9c
8d14964948829b0d84d8c950620829055ef71cf2
c115f3e4b408f5b326061bdfdf27973e7e65cc65788884931cacd25cf344d070

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://draft.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 46988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 21:38:12 GMT
expires: Tue, 07 Oct 2025 21:38:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 73786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x

142.250.147.191

200 OK

154 B

URL GET HTTP/3
draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text
Size
154 B (154 bytes)
Hash
0212f84f9b3c279098932d83a43b6448
22ef0e934187e4a4bb70bce5a59e7eed3e45e82b
9dffee8e9e10ba5883b18f8f0803e06bcdd3751909cd3a2ad48195a33a4132c9

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 154
date: Tue, 08 Oct 2024 18:07:58 GMT
expires: Wed, 08 Oct 2025 18:07:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 07 Oct 2024 23:05:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe

142.250.147.191

130 kB

URL
draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (2219)
Size
130 kB (129503 bytes)
Hash
9e66f3695445457ac0097a0f4d8e556f
7ed56b9b41150c10cb64eb7de83029aae0215192
b837bf214e76908e2c3f6aa3de4e876f4a652464ca54cf6b820b0bfccb3bc93b

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 129503
date: Tue, 08 Oct 2024 18:07:58 GMT
expires: Wed, 08 Oct 2025 18:07:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 07 Oct 2024 23:05:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc

142.250.147.191

750 B

URL
draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (742)
Size
750 B (750 bytes)
Hash
f5fe853e28ef570e5755e3ec4f7ca7a9
090d851368fcb58db2aacba40bcf99d23ff0e37a
67d3c38279ac69f2a44f33ca5fde4fc0f2fe4738137bff825abe1ad4b4f933de

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 750
date: Tue, 08 Oct 2024 18:07:58 GMT
expires: Wed, 08 Oct 2025 18:07:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 07 Oct 2024 23:05:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

teleearnings.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

34.78.83.233

200 OK

77 kB

URL GET HTTP/2
teleearnings.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
34.78.83.233:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: font/woff2
content-length: 77160
last-modified: Wed, 11 Sep 2024 13:41:06 GMT
etag: "66e19df2-12d68"
expires: Wed, 09 Oct 2024 18:07:58 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

steemitimages.com/p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640

104.21.234.125

200 OK

132 kB

URL GET HTTP/2
steemitimages.com/p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640
IP
104.21.234.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerLet's Encrypt
Subjectsteemitimages.com
Fingerprint15:0E:F4:21:4F:5C:5B:28:5C:BB:84:44:B5:E9:3D:BE:84:2B:40:29
ValidityMon, 26 Aug 2024 22:58:52 GMT - Sun, 24 Nov 2024 22:58:51 GMT

File type
JPEG image data, baseline, precision 8, 600x1071, components 3
Size
132 kB (132489 bytes)
Hash
7658d97699fbc3e52f541a07699db52d
e0eb3474d773a72507c239d3681ac0541c55924d
1412897749333d4d8ad34fdadc6c97e213168572dda0beda9dd0e30688877ae1

HTTP Headers

GET /p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640 HTTP/1.1
Host: steemitimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sofiahalbofanimeworld.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:07:57 GMT
content-type: image/jpeg
x-request-id: Root=1-66ff0544-218fb1e60f7012370498ae00
vary: Origin, Accept-Encoding
cache-control: public,max-age=29030400,immutable
cf-cache-status: HIT
age: 421817
last-modified: Thu, 03 Oct 2024 20:57:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BMCOP4pXHSSDfZ%2FB5ymQIKn7SzZt85Xl0U5KP6BjSQVecYNVL7LeM0B4QRF5F0B3tokGcncgKmiJFL%2FzlojRoHt6LBaR2yiQabFSxWt21CBmPVs8RlpZ3FYFdZL5%2BwYUjj2qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812cf7c14368d-LHR
X-Firefox-Spdy: h2

sofiahalbofanimeworld.blogspot.com/favicon.ico

216.58.207.193

412 B

URL
sofiahalbofanimeworld.blogspot.com/favicon.ico
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
Size
412 B (412 bytes)
Hash
59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Tue, 08 Oct 2024 18:07:58 GMT
date: Tue, 08 Oct 2024 18:07:58 GMT
cache-control: private, max-age=86400
last-modified: Tue, 08 Oct 2024 18:07:24 GMT
etag: W/"053b09a58fb3fa48da08a5add2d5956d42ed5fbca9339234368421f010ba6445"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997

142.250.147.191

19 kB

URL
draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (41165)
Size
19 kB (19318 bytes)
Hash
9ac79fac85454d92268ba676b4b14e89
4599a92f4f5eb1cb13feed60629ce3d21c9d1f67
12616bb1a4e44e4b26e02982c45583376ec4fbed5666db0a3de32d2933bebb40

HTTP Headers

GET /comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997 HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:07:57 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-N-tRaRQdwKCGrrXSiTwHxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/BloggerCommentUi/web-reports?context=eJzjamHU4pJi8NeQYqh138lUfmUn0x2NXUyvgDiydBdTOhA7vbrJJNN7i-nxlFtMz9ufMX0DYomvL5lkgDhdbQZrLhA7pc9gdQPi1pvnWDuB2PbWedakf-dZ04D4h8dFVjbPi6yGCpdYTYFYtecSqyYQp-ZcZi2SuMJaBsRCPBx_X07dwSawY87Ks0xKSkn5hfFJOfnp6alFpZnFqUVlqUXxRgZGJoYGBhZ6BgbxBQYABd5I4w"
content-encoding: br
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=518=ull96Jrv3ioPWO377w0j_sVfnL7E6ZI6thTqw20SCYECnwoOKRI8QK3pKRamuTJFd4rPWkzGwltEhLuM2qmf_3YzhqDhpeT6OsNcbJxwUG4vQByc7CIfVwQkFzaPxg23JgTdFMo33ObacDXcdnQk2hjwYTOGWrufT2vBTjuXJMC9VyugxA6FZd1HtXdP-jJMdmaZsg; expires=Wed, 09-Apr-2025 18:07:57 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.diclotrans.com/sdk/v1/34038/f44ec475425817afcf36eb7dee7c68ba054b45da/lib.js

188.114.97.1

6.9 kB

URL
cdn.diclotrans.com/sdk/v1/34038/f44ec475425817afcf36eb7dee7c68ba054b45da/lib.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (5983)
Size
6.9 kB (6902 bytes)
Hash
b6015e47e418ec70aa9f1d17c2f63d0c
7c92697419a7cd7a119a4f0c2fdb2940d9bc1758
e356dcc01b34470f5ec88223f868cf7b3b7e5a6d299dcbe0e9b0bab97186c399

HTTP Headers

GET /sdk/v1/34038/f44ec475425817afcf36eb7dee7c68ba054b45da/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: text/javascript
content-length: 6902
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 3431
last-modified: Tue, 08 Oct 2024 17:10:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5U%2Bx%2BvRBjrnajtBya%2Fl97yJzT%2BgSiS3FzgooUq%2FDEKGL7R%2Fiopnx4a2uoW%2BjHY8w5CyEVWFqH%2BBsrlW0mNXzhCaZT5%2BJ233GzeXwinze7ktCnCpg713CH6Iz9GZwHk0sz24IPTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d859a8b50c-OSL
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ef0bc037bdcb2f9ee87fefb2022a5b3
e68563f353ca78d56078cd8573d21f44b61310c4
e845b8abe14824133b05530d8e93437112ac0ab6a5ff03241cc1f792d56731f3

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

teleearnings.odoo.com/

34.78.83.233

591 kB

URL
teleearnings.odoo.com/
IP
34.78.83.233:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
HTML document, ASCII text, with very long lines (36891), with CRLF, LF line terminators
Size
591 kB (591373 bytes)
Hash
f31191e8fd280ec26d23470831c5ab3c
b7a359d475bf262d2b2d5975b3e640b8db9b3734
2ab3c377b2056c5436677deb5c0307ff26f8a50790419f9403e8b8e0ae2ff728

HTTP Headers

GET / HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: text/html; charset=utf-8
set-cookie: frontend_lang=en_US; Expires=Wed, 08 Oct 2025 18:07:58 GMT; Path=/
session_id=O3jito29SwoB9OV_mYp63ZI4uZil3lqRq1VhKh1yT24W1YWdOwNr1YFprOda3eOiRU-YpdJRs0fUB4qAfMBz; Expires=Wed, 08 Oct 2025 18:07:58 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

e5.o.lencr.org/

23.36.76.226

344 B

URL
e5.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
9ed4545888854caecd80775bcc76d2c8
9c78d1e1334a7d426d2cdee62e2924c89bad17f8
e3323ea4989bec3296e095b0bd9d834950a7e79fd64cf83026dc1f88152cc8e7

HTTP Headers

POST / HTTP/1.1
Host: e5.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "E3323EA4989BEC3296E095B0BD9D834950A7E79FD64CF83026DC1F88152CC8E7"
Last-Modified: Tue, 08 Oct 2024 12:25:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 09 Oct 2024 00:07:58 GMT
Date: Tue, 08 Oct 2024 18:07:58 GMT
Connection: keep-alive

cdn.diclotrans.com/sdk/v1/34703/b1e9b52fb2537d64471b3d86cc846f4f19ef9ba7/lib.js

188.114.97.1

200 OK

5.1 kB

URL GET HTTP/3
cdn.diclotrans.com/sdk/v1/34703/b1e9b52fb2537d64471b3d86cc846f4f19ef9ba7/lib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JavaScript source, ASCII text, with very long lines (5987)
Size
5.1 kB (5095 bytes)
Hash
50b8163315dadaa9de02fb8162358199
dd7d84765e9df257fe91bffe57a0fd206baa537b
d541813a0b483e773bc781cfda5570aceb98a7e9bd3bd64a4f5090f5d338a00d

HTTP Headers

GET /sdk/v1/34703/b1e9b52fb2537d64471b3d86cc846f4f19ef9ba7/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 5095
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 352
last-modified: Tue, 08 Oct 2024 18:02:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrqF%2BpfQgQ6IztRyvirfrmN1PrW3UaCXGDQB9mfuy%2BvHifXv7LDy2zRg7%2B6a4As%2Fkui3cvQogxFGISXlMnrkuQMCQp8612%2FC0sdSfgM4PLDxqPsvHrgfd%2BuS7evnIBWi96x4X1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9b882dbfa-FRA

thelifewillbefine.de/karma/karma.js?karma=bs?nosaj=faster.mo

202.61.204.169

200 OK

585 kB

URL GET HTTP/2
thelifewillbefine.de/karma/karma.js?karma=bs?nosaj=faster.mo
IP
202.61.204.169:443
ASN
#197540 netcup GmbH

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerZeroSSL
Subjectthelifewillbefine.de
Fingerprint1F:26:B9:3B:C9:CF:6A:5E:AE:D6:34:F4:C4:FF:24:9C:16:A5:BB:4D
ValidityFri, 27 Sep 2024 00:00:00 GMT - Thu, 26 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (58862), with CRLF line terminators
Size
585 kB (585217 bytes)
Hash
6d93a147f2209d36dde60dca06e6445d
e98d373418edece7653810992d28a7bd7234768b
a3167e7e1ba9d63df76b6eec350c52698ef09bce32c823c3bb367d74e27eefc9

HTTP Headers

GET /karma/karma.js?karma=bs?nosaj=faster.mo HTTP/1.1
Host: thelifewillbefine.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache,max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 16 Sep 2024 22:22:03 GMT
accept-ranges: bytes
etag: "80b7f9da868db1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 08 Oct 2024 18:07:58 GMT
content-length: 585217
X-Firefox-Spdy: h2

cdn.diclotrans.com/sdk/v1/34705/c3a8fe0c2fbb511c4dc2b9a07ca7e5e66c7fabdb/lib.js

188.114.97.1

9.5 kB

URL
cdn.diclotrans.com/sdk/v1/34705/c3a8fe0c2fbb511c4dc2b9a07ca7e5e66c7fabdb/lib.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (5983)
Size
9.5 kB (9543 bytes)
Hash
c6289571fe29ecfda4f82a725258c1f8
860945b112d5050629c43831a76b2ad3435c5e90
268b1b86af62acdca2c4943ef2c39992f47ecfeb9951c2dc0c50848dd16c29f5

HTTP Headers

GET /sdk/v1/34705/c3a8fe0c2fbb511c4dc2b9a07ca7e5e66c7fabdb/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 9543
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 352
last-modified: Tue, 08 Oct 2024 18:02:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfE5r3kdgavA4xB7TzTgaSom5x529MzfQ87M8x4HCKoFofA%2FX%2BCx9Fu86kWPKoFLufyq%2FUS1Ul7mHdXpPFjkOM41GQajsDjPpN0mC2LJ0fU16nQpxLUSlIgsAEDSsmc3p5A2IPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9b891dbfa-FRA

cdn.diclotrans.com/sdk/v1/35406/3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032/lib.js

188.114.97.1

3.5 kB

URL
cdn.diclotrans.com/sdk/v1/35406/3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032/lib.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (5983)
Size
3.5 kB (3547 bytes)
Hash
7b2d97d96d7743301b32e3cb7c5add69
249ddcc07d53102dccc2d2b2f145f74bc8533366
21da184c3bf5fc2d6efcbc2f58efe352576b788592204005d7a9da781fe943f3

HTTP Headers

GET /sdk/v1/35406/3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 3547
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 346
last-modified: Tue, 08 Oct 2024 18:02:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybGCfYvSOdA8riQXNmiegRNM1lXarqclxOIoEJYb6J0YQ3E7kc4lVTCV6WCEaD4liASbt9VTC%2FMxILWvasphAjyDM1k3Sx1EqxMXwrUQW1SvQ0WnYlGP26fqZIcSpt1hH2ecYdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9d8ebdbfa-FRA

teleearnings.odoo.com/web/assets/1/c97de1e/web.assets_frontend_minimal.min.js

34.78.83.233

14 kB

URL
teleearnings.odoo.com/web/assets/1/c97de1e/web.assets_frontend_minimal.min.js
IP
34.78.83.233:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
JavaScript source, ASCII text, with very long lines (5987)
Size
14 kB (13777 bytes)
Hash
c72d55b8814d8608c0f7b30bc0702267
77e43f759054f15704fa3ea5bba1a83e14b89c95
caf881120b6a92b6db9b72a9625eb0eea0aac9d778b73abbd01f7d4ee37ddcb0

HTTP Headers

GET /web/assets/1/c97de1e/web.assets_frontend_minimal.min.js HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 Sep 2024 22:18:19 GMT
content-disposition: inline; filename=web.assets_frontend_minimal.min.js
cache-control: public, max-age=31536000, immutable
expires: Wed, 08 Oct 2025 18:07:58 GMT
set-cookie: session_id=7wmhnUBybOTolKidZNHsvajJkTEegj5I-GwZyAIle8W7KaM44J1AksvgcPtougycIkLYbLGuHaA38l3Z29C5; Expires=Wed, 08 Oct 2025 18:07:58 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
etag: W/"66f33aab-6a10"
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

code.adclickppc.com/7s-native-ad.js

89.117.21.238

3.8 kB

URL
code.adclickppc.com/7s-native-ad.js
IP
89.117.21.238:0
ASN
#40021 NL-811-40021

File type
JavaScript source, ASCII text, with very long lines (2348)
Size
3.8 kB (3814 bytes)
Hash
772af93afca9fd0e3e3fc174515a63a1
bc4f913cf8433061ffac0df6b60c9a9da3aadcc8
02d65ae29a709abc173d8f9369e23aae2740e311277a0a5e052c607bbf60a842

HTTP Headers

GET /7s-native-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "228d-669e157a-a0095f;br"
last-modified: Mon, 22 Jul 2024 08:16:58 GMT
content-type: text/javascript
content-length: 3814
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:58 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

cdn.diclotrans.com/sdk/v1/34045/622f648149ab241e1e0effb6e0e5ee7c936137be/lib.js

188.114.97.1

200 OK

9.5 kB

URL GET HTTP/2
cdn.diclotrans.com/sdk/v1/34045/622f648149ab241e1e0effb6e0e5ee7c936137be/lib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (5983)
Size
9.5 kB (9540 bytes)
Hash
2931d1f73f6c11fad0aba178fb31ec1e
b0424bb32a304e68074ea0ee289a41ef4be6507b
f6ad7d4cc53fa75a38e754de7736295d2b0c4a5b382461a11d84d81749ff85d2

HTTP Headers

GET /sdk/v1/34045/622f648149ab241e1e0effb6e0e5ee7c936137be/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 9540
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Tue, 08 Oct 2024 18:07:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTZykgVDn2RWG0W1Jn1qN%2B%2BLRiv6XaAMD7YYAmnDN4bEP%2BDCo4QfKI8YIvvYEHxS4xT%2BNn%2Bx4490Ve9qgFSXe%2FBkr8zBL%2B6M3mvP3PJLsbsY8anV6HGfYSH5hgWFqmSwkZ%2BWpSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d869ceb50c-OSL
X-Firefox-Spdy: h2

thelifewillbefine.de/karma/karma.js?karma=bs?nosaj=faster.mo

202.61.204.169

200 OK

585 kB

URL GET HTTP/2
thelifewillbefine.de/karma/karma.js?karma=bs?nosaj=faster.mo
IP
202.61.204.169:443
ASN
#197540 netcup GmbH

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerZeroSSL
Subjectthelifewillbefine.de
Fingerprint1F:26:B9:3B:C9:CF:6A:5E:AE:D6:34:F4:C4:FF:24:9C:16:A5:BB:4D
ValidityFri, 27 Sep 2024 00:00:00 GMT - Thu, 26 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (58862), with CRLF line terminators
Size
585 kB (585217 bytes)
Hash
6d93a147f2209d36dde60dca06e6445d
e98d373418edece7653810992d28a7bd7234768b
a3167e7e1ba9d63df76b6eec350c52698ef09bce32c823c3bb367d74e27eefc9

HTTP Headers

GET /karma/karma.js?karma=bs?nosaj=faster.mo HTTP/1.1
Host: thelifewillbefine.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache,max-age=86400
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 16 Sep 2024 22:22:03 GMT
accept-ranges: bytes
etag: "80b7f9da868db1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 08 Oct 2024 18:07:58 GMT
content-length: 585217
X-Firefox-Spdy: h2

code.adclickppc.com/7s-social-ad.js

89.117.21.238

1.6 kB

URL
code.adclickppc.com/7s-social-ad.js
IP
89.117.21.238:0
ASN
#40021 NL-811-40021

File type
JavaScript source, ASCII text, with very long lines (422)
Size
1.6 kB (1635 bytes)
Hash
a35894a392dfe65aabab4d3c7b0a6b95
0bf94453ab2b15c9f1ec847f66764aac084bb8f5
93a765c1b027c612601a5827bfc0d22e7b1b99e79f47060cd8e21a0ae03829e7

HTTP Headers

GET /7s-social-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "1f2a-66586ac3-a00962;br"
last-modified: Thu, 30 May 2024 12:02:11 GMT
content-type: text/javascript
content-length: 1635
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:58 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

code.adclickppc.com/7s-popunder.js

89.117.21.238

452 B

URL
code.adclickppc.com/7s-popunder.js
IP
89.117.21.238:0
ASN
#40021 NL-811-40021

File type
ASCII text, with very long lines (954)
Size
452 B (452 bytes)
Hash
a5cf69ccec9c1bcbf7ac4aa3d2d72219
a0c9ab97af1f1ddbab877a5bbf7222411238f8b6
b821a10dff1987a8fc085343f5ebf352f057f87af77fd36fdde791cce1f6b389

HTTP Headers

GET /7s-popunder.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "3bb-66586a85-a00960;br"
last-modified: Thu, 30 May 2024 12:01:09 GMT
content-type: text/javascript
content-length: 452
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

code.adclickppc.com/7s-banner-ad.js

89.117.21.238

200 OK

3.3 kB

URL GET HTTP/2
code.adclickppc.com/7s-banner-ad.js
IP
89.117.21.238:443
ASN
#40021 NL-811-40021

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectcode.adclickppc.com
Fingerprint88:4C:69:BF:59:87:3B:24:A1:34:88:3D:DC:4B:9F:7E:8D:4B:B2:1B
ValidityThu, 22 Aug 2024 07:23:01 GMT - Wed, 20 Nov 2024 07:23:00 GMT

File type
ASCII text, with very long lines (2609)
Size
3.3 kB (3269 bytes)
Hash
cd6034e22a4f7f44d9e9542eb63ef3a2
957edce29a53b7759ad94cc19e70ad0149b5b3e8
d3e105989627d75a6aaad54d7088a4800db2378caabcf6e60c044b41999f314b

HTTP Headers

GET /7s-banner-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "1bd5-669e156d-a0095e;br"
last-modified: Mon, 22 Jul 2024 08:16:45 GMT
content-type: text/javascript
content-length: 3269
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

cdn.diclotrans.com/sdk/v1/34707/fdc7a6a6665d7f946d627d7d2866dffaa549ac49/lib.js

188.114.97.1

200 OK

6.9 kB

URL GET HTTP/3
cdn.diclotrans.com/sdk/v1/34707/fdc7a6a6665d7f946d627d7d2866dffaa549ac49/lib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JavaScript source, ASCII text, with very long lines (5983)
Size
6.9 kB (6903 bytes)
Hash
b3ea73f768365d345492dbd81c4c9f1d
7b7ae7122525d94405fdf1bb519a4d4111a8cd5e
d7a147e9e38962b1a87178b2c0632cb7f8bb64fbc17e32fac2bee51079e117b1

HTTP Headers

GET /sdk/v1/34707/fdc7a6a6665d7f946d627d7d2866dffaa549ac49/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 6903
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 352
last-modified: Tue, 08 Oct 2024 18:02:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEXjELikjuLogddDVhvzoGbLtS5DgotfLkWqB7rMXXqJZg8lPRfq50D2mrmHfrnC3gouUlvSyBZ%2Bd6iV%2FwYkZ9PfEsKhjNFZzrsBJRPCnPiSUaH9CFZBZbzFNPV7t%2BsBY9KIX2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9b898dbfa-FRA

cdn.diclotrans.com/sdk/v1/35410/562f4ed5c83c45e3fa1c04fc71a3fcd2534b9081/lib.js

188.114.97.1

6.9 kB

URL
cdn.diclotrans.com/sdk/v1/35410/562f4ed5c83c45e3fa1c04fc71a3fcd2534b9081/lib.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (5983)
Size
6.9 kB (6901 bytes)
Hash
ff4c5046dad25b6918bafd80366cd941
7dc2e676298eb6ebc701c066c0cfe686f9c38347
942a0278e3e1116592169f2000ec3956f6f3354bd2ef502bde569c3f00dbbcfd

HTTP Headers

GET /sdk/v1/35410/562f4ed5c83c45e3fa1c04fc71a3fcd2534b9081/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 6901
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 346
last-modified: Tue, 08 Oct 2024 18:02:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5jq8BdsqyCgJ6btHm17zkPc2zlBuTHv3yvK5eBhuBTglKqp4uEKbPZamMhbOt%2FPPcQM8pJ3bhwFIPZk42%2BkDjBLrJM2bVG9y%2BKXcCYZ7Ncd2kUjvrBSvkTexEGLD10Cesqrl6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9d90cdbfa-FRA

cdn.diclotrans.com/sdk/v1/35412/52c375436298b74bf11728452e722c8d4a5066d3/lib.js

188.114.97.1

9.5 kB

URL
cdn.diclotrans.com/sdk/v1/35412/52c375436298b74bf11728452e722c8d4a5066d3/lib.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (5983)
Size
9.5 kB (9540 bytes)
Hash
5a0e261add09af18d253f5b82ad8d97c
8e2d3539beb43dc54d2dbcf7071351bdeadca4d7
e98767d75cf8934004e380c5b8b89eccbda43a767f85e6b39dafa1f1b7d30282

HTTP Headers

GET /sdk/v1/35412/52c375436298b74bf11728452e722c8d4a5066d3/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 9540
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 346
last-modified: Tue, 08 Oct 2024 18:02:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FHTx1aQFvx%2BSpyO7urqvvQgXPNmMymNkSvxanRXE2uhXtBI7keaH5u7FDQP2VU%2BQOQolFkA3zKtUramWP7gZelys2dN%2FY27nQIk3FbEAzYBsO%2B4UvfA5OKeI3wc7JI0n2RApy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9d91edbfa-FRA

digitalhub.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

34.93.222.88

200 OK

77 kB

URL GET HTTP/2
digitalhub.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
34.93.222.88:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: digitalhub.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: font/woff2
content-length: 77160
last-modified: Wed, 24 Jul 2024 05:15:28 GMT
etag: "66a08df0-12d68"
expires: Wed, 09 Oct 2024 18:07:59 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

e-earnings.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

34.93.11.120

200 OK

77 kB

URL GET HTTP/2
e-earnings.odoo.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
34.93.11.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: e-earnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: font/woff2
content-length: 77160
last-modified: Wed, 24 Jul 2024 05:15:48 GMT
etag: "66a08e04-12d68"
expires: Wed, 09 Oct 2024 18:07:59 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e141a0e4f3ddbf1a44bad021b80b8a74
6e9699bcef2091a340b3575c8a7b1e9d41f02300
3c3d0dbac89213db6cabd0e901c288db7b9cb43191f3aa52df120d81fc7f5be5

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f0fb8f657d774d6bcd3cbfe023c1b71
afcbd66dc0a108d90f9eeb17094a8c5c387dc623
69ae177bf04d90b904d73c7bddf813ff94569cb1891e2258b577cebdbadc192b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f0fb8f657d774d6bcd3cbfe023c1b71
afcbd66dc0a108d90f9eeb17094a8c5c387dc623
69ae177bf04d90b904d73c7bddf813ff94569cb1891e2258b577cebdbadc192b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:07:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://draft.blogger.com/
Origin: https://draft.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 14:48:26 GMT
expires: Sun, 05 Oct 2025 14:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.adclickppc.com/7s-banner-ad.js

89.117.21.238

200 OK

3.3 kB

URL GET HTTP/2
code.adclickppc.com/7s-banner-ad.js
IP
89.117.21.238:443
ASN
#40021 NL-811-40021

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectcode.adclickppc.com
Fingerprint88:4C:69:BF:59:87:3B:24:A1:34:88:3D:DC:4B:9F:7E:8D:4B:B2:1B
ValidityThu, 22 Aug 2024 07:23:01 GMT - Wed, 20 Nov 2024 07:23:00 GMT

File type
ASCII text, with very long lines (2609)
Size
3.3 kB (3269 bytes)
Hash
cd6034e22a4f7f44d9e9542eb63ef3a2
957edce29a53b7759ad94cc19e70ad0149b5b3e8
d3e105989627d75a6aaad54d7088a4800db2378caabcf6e60c044b41999f314b

HTTP Headers

GET /7s-banner-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
etag: "1bd5-669e156d-a0095e;br"
last-modified: Mon, 22 Jul 2024 08:16:45 GMT
content-type: text/javascript
content-length: 3269
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:07:59 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

richinfo.co/richpartners/pops/js/richads-pu-ob.js

109.200.199.111

200 OK

26 kB

URL GET HTTP/2
richinfo.co/richpartners/pops/js/richads-pu-ob.js
IP
109.200.199.111:443
ASN
#49544 i3D.net B.V

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectrichinfo.co
FingerprintB8:7F:BF:76:D2:60:E9:C8:59:13:9D:92:27:34:7B:DE:B9:AB:64:32
ValiditySat, 05 Oct 2024 12:52:28 GMT - Fri, 03 Jan 2025 12:52:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25797 bytes)
Hash
3b5cdc58b7044925116e1ae2e711d59e
be8837bf04de2040cecfa31a9ec634e71af4e499
7dbef13691e98ded3f9416ea6cebb65e8726be105f2452a27a20f4f47c028d3a

HTTP Headers

GET /richpartners/pops/js/richads-pu-ob.js HTTP/1.1
Host: richinfo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: application/x-javascript
x-amz-id-2: tPnG0rVUwwQR1B5po/nT5iac+39hGzc2s55+Ui0QjP0QW0TTLTG38vjqqJXPXBev+cPzW0SIF1g=
x-amz-request-id: NAEG8MF5RWDRT3TB
last-modified: Mon, 07 Oct 2024 11:58:56 GMT
etag: W/"3b5cdc58b7044925116e1ae2e711d59e"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.207.206

200 OK

0 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://draft.blogger.com/
Origin: https://draft.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://draft.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 08 Oct 2024 18:07:59 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

142.250.74.67

200 OK

218 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (724)
Size
218 kB (218137 bytes)
Hash
33aff52b82a1df246136e75500d93220
4675754451af81f996eab925923c31ef5115a9f4
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

HTTP Headers

GET /recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
Origin: https://draft.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 218137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:01:38 GMT
expires: Wed, 08 Oct 2025 11:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 08 Oct 2024 18:07:59 GMT
age: 2362337
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 445024
x-timer: S1728410880.946323,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 08 Oct 2024 18:07:59 GMT
age: 2362337
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 445026
x-timer: S1728410880.947076,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 08 Oct 2024 18:07:59 GMT
age: 2362337
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 445026
x-timer: S1728410880.947054,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.207.206

200 OK

131 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 587
Origin: https://draft.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://draft.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 08 Oct 2024 18:07:59 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

e-earnings.odoo.com/web/assets/1/61e9e6d/web.assets_frontend_minimal.min.js

34.93.11.120

9.6 kB

URL
e-earnings.odoo.com/web/assets/1/61e9e6d/web.assets_frontend_minimal.min.js
IP
34.93.11.120:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
gzip compressed data, max speed, from Unix
Size
9.6 kB (9595 bytes)
Hash
9a6f143ddd50c951db7766d63ff7b132
ecd48be20e7eae9047e603b51ce07cab7762ef16
69c81299873e34b379af64d8c7efb17ae2f723dc9799c1de52d959d72ca685c0

HTTP Headers

GET /web/assets/1/61e9e6d/web.assets_frontend_minimal.min.js HTTP/1.1
Host: e-earnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Sep 2024 06:56:34 GMT
content-disposition: inline; filename=web.assets_frontend_minimal.min.js
cache-control: public, max-age=31536000, immutable
expires: Wed, 08 Oct 2025 18:07:59 GMT
set-cookie: session_id=NWxpnAihgPTCManBI1dEDrvNORFUIZXGueA6CD8HgiTUS4qD7Y9Il5FMbqsNczq567Ct_lh7wEBVIFCis16A; Expires=Wed, 08 Oct 2025 18:07:59 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
etag: W/"66dfeda2-6a10"
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f0fb8f657d774d6bcd3cbfe023c1b71
afcbd66dc0a108d90f9eeb17094a8c5c387dc623
69ae177bf04d90b904d73c7bddf813ff94569cb1891e2258b577cebdbadc192b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:08:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

0 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

late-anxiety.com/b.XuVgsmd/Glld0EYjWucc/Dedml9KuTZhUClqkaPqTVUR1tM/jDkt0MOJDJYYtlNhT/UQyZOITUQw4/N/wA

88.85.69.211

200 OK

0 B

URL GET HTTP/2
late-anxiety.com/b.XuVgsmd/Glld0EYjWucc/Dedml9KuTZhUClqkaPqTVUR1tM/jDkt0MOJDJYYtlNhT/UQyZOITUQw4/N/wA
IP
88.85.69.211:443
ASN
#35415 Webzilla B.V.

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectlate-anxiety.com
Fingerprint90:89:AB:BE:EF:D3:BA:82:DF:30:DE:3D:32:C9:FF:E0:55:E8:C0:43
ValiditySun, 22 Sep 2024 01:49:58 GMT - Sat, 21 Dec 2024 01:49:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b.XuVgsmd/Glld0EYjWucc/Dedml9KuTZhUClqkaPqTVUR1tM/jDkt0MOJDJYYtlNhT/UQyZOITUQw4/N/wA HTTP/1.1
Host: late-anxiety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://digitalhub.odoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: application/javascript
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
vary: Origin
access-control-allow-origin: https://digitalhub.odoo.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 08 Oct 2024 18:08:00 GMT
age: 2362337
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 445027
x-timer: S1728410881.525204,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

late-anxiety.com/b.XIVZsSdbG/lx0uYbWydpiWYSWQ5LuJZ/XxIk/ceKme9luEZ/UmlRknPVTKUB1mM/jykN0/N_zIYVtgNNTWU/y/O_TiQD3/Ngwm

88.85.69.211

200 OK

36 kB

URL GET HTTP/2
late-anxiety.com/b.XIVZsSdbG/lx0uYbWydpiWYSWQ5LuJZ/XxIk/ceKme9luEZ/UmlRknPVTKUB1mM/jykN0/N_zIYVtgNNTWU/y/O_TiQD3/Ngwm
IP
88.85.69.211:443
ASN
#35415 Webzilla B.V.

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectlate-anxiety.com
Fingerprint90:89:AB:BE:EF:D3:BA:82:DF:30:DE:3D:32:C9:FF:E0:55:E8:C0:43
ValiditySun, 22 Sep 2024 01:49:58 GMT - Sat, 21 Dec 2024 01:49:57 GMT

File type
JavaScript source, ASCII text, with very long lines (13223)
Size
36 kB (35582 bytes)
Hash
44c008d42477209e7dd179a4d2cef3b9
dd45aaa464b623849073b4c5d6fee0737602fc2c
4f41fb53e59c2e99b90cdb7eb19fcd1a771e981e37391eb2847be140f6cce91b

HTTP Headers

GET /b.XIVZsSdbG/lx0uYbWydpiWYSWQ5LuJZ/XxIk/ceKme9luEZ/UmlRknPVTKUB1mM/jykN0/N_zIYVtgNNTWU/y/O_TiQD3/Ngwm HTTP/1.1
Host: late-anxiety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://digitalhub.odoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: application/javascript
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://digitalhub.odoo.com
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 08 Oct 2024 18:08:00 GMT
age: 2362337
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 445029
x-timer: S1728410881.572650,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 08 Oct 2024 18:08:00 GMT
age: 2362337
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 445030
x-timer: S1728410881.629994,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

network.eonads.com/adserver/www/delivery/asyncjs.php

172.67.135.26

36 kB

URL
network.eonads.com/adserver/www/delivery/asyncjs.php
IP
172.67.135.26:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (34553), with CRLF, LF line terminators
Size
36 kB (36194 bytes)
Hash
54bff0223412523ff5889ef4f60ec31e
fdc5f0c0bd3979e4f8e4cadaca2134e1e7366148
ffdc9aeb836b55d5513fd22be8800f78872e24da1d3dd8295eaa9735dbbc4456

HTTP Headers

GET /adserver/www/delivery/asyncjs.php HTTP/1.1
Host: network.eonads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/javascript;charset=UTF-8
etag: f87497be83f6ed6b52c3b340d803ae0d
expire: Tue, 08 Oct 2024 19:08:00 GMT
cache-control: private, max-age=3600
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAGEO=2%7CNO%7CEU%7C%7COslo%7C0791%7C59.9016%7C10.7343%7C1000%7CEurope%2FOslo%7C%7C03%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C; path=/; secure; SameSite=none
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbXkxOsA4YWugciMfRfNYEpb92hweqkiOZyNlLjTrDwnCmuSwBX1hsWsWNc%2BEJesnvz6iiUmk2Nr44383O02bdpSsgIOSo9mPalQsToim%2BHaVCvTXwj%2FHMq%2ForMWfba2DmQKSjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d84cf5d9d8-FRA
X-Firefox-Spdy: h2

autofaucet.org/wm/Usmanja200/4

172.67.133.36

31 kB

URL
autofaucet.org/wm/Usmanja200/4
IP
172.67.133.36:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
31 kB (31151 bytes)
Hash
e88196fee61c1cfad2b6cc783c9126ef
0af223a8d63225a09b9e069cdf7698c48deb156a
8134f65e957849970df662f943f6a921a8353007db6481e43873bfadc9a6b8b9

HTTP Headers

GET /wm/Usmanja200/4 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=14f5ae4a85939554f197ccd07ac3aa1d; path=/
d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=585562c4be83e39a41e5ef993dc919d1; expires=Sun, 06-Apr-2025 18:08:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74jpV0iqW2qyqVaobCv7ln3nJfOlU9bru9F4AF51xaRHOEe9tWtuiDtaNJvHf7kKzPe2%2F4IfX87i0LJ9sK3Raj9V9XWysJwDCTY0BHuuhfl9un0n840EpmGOx1jpp%2F0FBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812dfcda0070e-LHR
content-encoding: br
X-Firefox-Spdy: h2

digitalhub.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2

34.93.222.88

6.1 kB

URL
digitalhub.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2
IP
34.93.222.88:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6112, version 1.0
Size
6.1 kB (6112 bytes)
Hash
b18bdccc4c54bd33db9669dfa3be3874
0ba2edc62a4f2218dba5db8e7a02d953e75fc38a
3903bc45057173250193d71977e61e1ae200c370be35d3753112b0d7ac57586f

HTTP Headers

GET /web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2 HTTP/1.1
Host: digitalhub.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://digitalhub.odoo.com/web/assets/1/3773489/web.assets_frontend.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: font/woff2
content-length: 6112
last-modified: Wed, 24 Jul 2024 05:15:27 GMT
etag: "66a08def-17e0"
expires: Wed, 09 Oct 2024 18:08:00 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

digitalhub.odoo.com/web/static/fonts/twitter_x_only.woff

34.93.222.88

3.3 kB

URL
digitalhub.odoo.com/web/static/fonts/twitter_x_only.woff
IP
34.93.222.88:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format, TrueType, length 3344, version 1.0
Size
3.3 kB (3344 bytes)
Hash
ea1f5e2f3b2b3436d0b0d20457edfe7f
90db7b60dcb9104c32aa63ede69047b42eb6b0b5
c2718e868864effe11ef575d59f605d866b457acd29975c279113e9f32fabf8a

HTTP Headers

GET /web/static/fonts/twitter_x_only.woff HTTP/1.1
Host: digitalhub.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://digitalhub.odoo.com/web/assets/1/3773489/web.assets_frontend.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: font/woff
content-length: 3344
last-modified: Wed, 24 Jul 2024 05:15:27 GMT
etag: "66a08def-d10"
expires: Wed, 09 Oct 2024 18:08:00 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1854
expires: Sun, 28 Sep 2025 18:08:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nrW4%2BFd79Om8Q6%2FQlzY7BLL6ocnebLAhvVEDAFjc%2FAyDUICBB2c5B1IdM3ifVh5fUJ9qHGQTMQ7jZ2WNTRULJPJoqNpqoajGIKimI%2F1NyVHdJGJuQ%2B3uO3Sa1Vfv1OrdvkQB9%2FH6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8cf812e4d81bb521-OSL
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

100 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type
JSON text data
Size
100 B (100 bytes)
Hash
c778aac1852c0b7b18c56b6094684fe7
8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb
e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d

HTTP Headers

POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 120
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Tue, 08 Oct 2024 18:08:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

e-earnings.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2

34.93.11.120

6.1 kB

URL
e-earnings.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2
IP
34.93.11.120:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6112, version 1.0
Size
6.1 kB (6112 bytes)
Hash
b18bdccc4c54bd33db9669dfa3be3874
0ba2edc62a4f2218dba5db8e7a02d953e75fc38a
3903bc45057173250193d71977e61e1ae200c370be35d3753112b0d7ac57586f

HTTP Headers

GET /web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2 HTTP/1.1
Host: e-earnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://e-earnings.odoo.com/web/assets/1/5bc36e7/web.assets_frontend.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: font/woff2
content-length: 6112
last-modified: Wed, 24 Jul 2024 05:15:48 GMT
etag: "66a08e04-17e0"
expires: Wed, 09 Oct 2024 18:08:00 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

code.adclickppc.com/7s-banner-ad.js

89.117.21.238

200 OK

3.3 kB

URL GET HTTP/2
code.adclickppc.com/7s-banner-ad.js
IP
89.117.21.238:443
ASN
#40021 NL-811-40021

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectcode.adclickppc.com
Fingerprint88:4C:69:BF:59:87:3B:24:A1:34:88:3D:DC:4B:9F:7E:8D:4B:B2:1B
ValidityThu, 22 Aug 2024 07:23:01 GMT - Wed, 20 Nov 2024 07:23:00 GMT

File type
ASCII text, with very long lines (2609)
Size
3.3 kB (3269 bytes)
Hash
cd6034e22a4f7f44d9e9542eb63ef3a2
957edce29a53b7759ad94cc19e70ad0149b5b3e8
d3e105989627d75a6aaad54d7088a4800db2378caabcf6e60c044b41999f314b

HTTP Headers

GET /7s-banner-ad.js HTTP/1.1
Host: code.adclickppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
etag: "1bd5-669e156d-a0095e;br"
last-modified: Mon, 22 Jul 2024 08:16:45 GMT
content-type: text/javascript
content-length: 3269
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:00 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

autofaucet.org/wm/Usmanja200/8

172.67.133.36

200 OK

746 B

URL GET HTTP/2
autofaucet.org/wm/Usmanja200/8
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
746 B (746 bytes)
Hash
24ccf312d4c3eb574d956244cda6e7a6
557b112766f53adb36f336a94aaf2c8e94f1cb79
461320e1c86ba08d9dd97e8770846031c210618ac96c610dd304b53a86a61d72

HTTP Headers

GET /wm/Usmanja200/8 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=ebdc4c4076e330e66aaf2951b59cfd22; path=/
d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=23d4ebc4baf001fb9555c1d6bde64b53; expires=Sun, 06-Apr-2025 18:08:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inLKgTztatBd6YC3ssS%2F5nCNeZBU4juE5S9rum4962hjFlf5flqKhHzU3MMkeTmx4h5Dplv2haIHAEjfEeO796Eidv8lsJFaHdnydGsrp81FLcXgJgv5ws20Q7dBJhDLBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812dfedc2070e-LHR
content-encoding: br
X-Firefox-Spdy: h2

late-anxiety.com/aJW.ZKyLPM2_QO9PMQTRc-yTOUDVQWx_MYDZga4bM-DdMexfNgT_Qi3jMkzlk-ynMoipZqp_cs2t1u1vb-HxRypzdAG_FCnDPEWFF-jHNIjJQK3_MMDNlOkPM-TRkSxTZUD_QWxXZYjZU-3bOcWdNel_NgzhYiyjO-DlZmmnNoz_Uq2rYs2tZ-kvJwmx1y1_bAHBRCpDd-GFFGnHYIm_FKuLbMmNV-yPPQXRRSy_dUWVUWmXc-nZJapbZcD_1ehfYgzhY-0jNkzlAm5_ZoDpEq5rM-WtQu0vMwW_Yy1zNAzBl-jDZETFcG2_MIjJgK2LZ-jNcO1PNQm_NSmTZUCVZ-6XbY2Z5al_acWdQe9fN-ThUiyjOkT_Qm4nNoAp?iframeId=exdnqy

88.85.69.211

0 B

URL
late-anxiety.com/aJW.ZKyLPM2_QO9PMQTRc-yTOUDVQWx_MYDZga4bM-DdMexfNgT_Qi3jMkzlk-ynMoipZqp_cs2t1u1vb-HxRypzdAG_FCnDPEWFF-jHNIjJQK3_MMDNlOkPM-TRkSxTZUD_QWxXZYjZU-3bOcWdNel_NgzhYiyjO-DlZmmnNoz_Uq2rYs2tZ-kvJwmx1y1_bAHBRCpDd-GFFGnHYIm_FKuLbMmNV-yPPQXRRSy_dUWVUWmXc-nZJapbZcD_1ehfYgzhY-0jNkzlAm5_ZoDpEq5rM-WtQu0vMwW_Yy1zNAzBl-jDZETFcG2_MIjJgK2LZ-jNcO1PNQm_NSmTZUCVZ-6XbY2Z5al_acWdQe9fN-ThUiyjOkT_Qm4nNoAp?iframeId=exdnqy
IP
88.85.69.211:0
ASN
#35415 Webzilla B.V.

Certificate
IssuerLet's Encrypt
Subjectlate-anxiety.com
Fingerprint90:89:AB:BE:EF:D3:BA:82:DF:30:DE:3D:32:C9:FF:E0:55:E8:C0:43
ValiditySun, 22 Sep 2024 01:49:58 GMT - Sat, 21 Dec 2024 01:49:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aJW.ZKyLPM2_QO9PMQTRc-yTOUDVQWx_MYDZga4bM-DdMexfNgT_Qi3jMkzlk-ynMoipZqp_cs2t1u1vb-HxRypzdAG_FCnDPEWFF-jHNIjJQK3_MMDNlOkPM-TRkSxTZUD_QWxXZYjZU-3bOcWdNel_NgzhYiyjO-DlZmmnNoz_Uq2rYs2tZ-kvJwmx1y1_bAHBRCpDd-GFFGnHYIm_FKuLbMmNV-yPPQXRRSy_dUWVUWmXc-nZJapbZcD_1ehfYgzhY-0jNkzlAm5_ZoDpEq5rM-WtQu0vMwW_Yy1zNAzBl-jDZETFcG2_MIjJgK2LZ-jNcO1PNQm_NSmTZUCVZ-6XbY2Z5al_acWdQe9fN-ThUiyjOkT_Qm4nNoAp?iframeId=exdnqy HTTP/1.1
Host: late-anxiety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

0 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

autofaucet.org/wm/Usmanja200/2

172.67.133.36

200 OK

274 B

URL GET HTTP/2
autofaucet.org/wm/Usmanja200/2
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
274 B (274 bytes)
Hash
928f05275157025d1d2d8745d646b020
b17138334419b4c0ae6c27e3a882644b128d78b0
36e6ab0e186ca126424043ed2e853e6919570a355affc466b1117b2c6c104e0e

HTTP Headers

GET /wm/Usmanja200/2 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=3f3d1793d3bf7c6553b27231ba0589c3; path=/
d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=46a9cf8c9a738539b1f1b41f499880ac; expires=Sun, 06-Apr-2025 18:08:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBCB8SLvx8Zp8J6qBKpRlvzxHzBgSa4tblehJgKdLKoXkcaVLj9WAMG7NO2IXRDrqucbIVIVRnkcSdj2I2wZ3Mg7hWhA8ASbcToiwPZQd8K4B59HJn5Z2FMSTKNwTpfUEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812dfcd9b070e-LHR
content-encoding: br
X-Firefox-Spdy: h2

autofaucet.org/wm/Usmanja200/4

172.67.133.36

274 B

URL
autofaucet.org/wm/Usmanja200/4
IP
172.67.133.36:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
274 B (274 bytes)
Hash
e10bd13eb02edc78519a1be7320d6477
4a6f75486f9fc2605b733ae3b851a9faa54840b3
8d718242b441f9f111db69c69bc0188ef02b8ae617724667512132ffb9ebf644

HTTP Headers

GET /wm/Usmanja200/4 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=6fda9f0ec43834aede290d8158632f91; path=/
d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=8c22a437c52c1dfc23299dd9feb7612d; expires=Sun, 06-Apr-2025 18:08:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BLdKSoExYln71xrkztGwYkZTJ8Par8FRGq8oyCpJnS5FYAeXfpv5BgKuenQ69o1rKgueT85niS7%2BjVXpP76YcchvM0nRv6JFRFE9C%2FovyI9uq8z%2F%2FYvCHkLBnuDBNXHeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812dfbd85070e-LHR
content-encoding: br
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1855
expires: Sun, 28 Sep 2025 18:08:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4eqyaFTM0HSlgH63h0vWiFcbIx9G3LOfGgNXPSKVwvMjS741PHmhYuN%2FUGFQWl2VRHt6tPog5yGQvmh1mMFMRAPHwXIPtHd%2B34X8TdpklryLfIUlIDP%2BqdE2YffDBzz5EjoC3e7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8cf812e80dd7b521-OSL
X-Firefox-Spdy: h2

ayelads.com/display/items.php?ad=3bLasn8&s=0&h=728x90

162.0.235.250

200 OK

585 B

URL GET HTTP/2
ayelads.com/display/items.php?ad=3bLasn8&s=0&h=728x90
IP
162.0.235.250:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerSectigo Limited
Subjectayelads.com
Fingerprint0F:E5:D3:44:BF:BA:32:B8:E8:10:C5:62:C2:C4:EB:A7:CD:13:A6:12
ValidityTue, 12 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
585 B (585 bytes)
Hash
22b0b4097ef955aa4b8f3fe5693169c1
d3487df7cf48dea68f87245d5bb295740b87d9fb
b2020956c3ae93c86ed566839760fe8bcf194791b12d293f0793bca390592e2d

HTTP Headers

GET /display/items.php?ad=3bLasn8&s=0&h=728x90 HTTP/1.1
Host: ayelads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.1.29
set-cookie: PHPSESSID=pbd74np3e4ui9i32jtsbl2fe2i; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 585
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a06f9ecf8ee97c3fdb0fa57b07179adc
badb045795ecba961fc6a4686cf1f6478b061355
1f5c65d4b831bc8a3210a0327af00fc8656a7a4fae06c38f5d3d550147f901f3

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1F5C65D4B831BC8A3210A0327AF00FC8656A7A4FAE06C38F5D3D550147F901F3"
Last-Modified: Tue, 08 Oct 2024 05:31:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4952
Expires: Tue, 08 Oct 2024 19:30:33 GMT
Date: Tue, 08 Oct 2024 18:08:01 GMT
Connection: keep-alive

7ool.net/richpartners/pops/js/pu-ob.js

31.204.132.208

200 OK

18 kB

URL GET HTTP/2
7ool.net/richpartners/pops/js/pu-ob.js
IP
31.204.132.208:443
ASN
#49544 i3D.net B.V

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subject7ool.net
FingerprintDF:7F:E2:B7:46:AB:B4:2D:6A:7F:1B:BC:DE:B6:94:CA:FD:6A:5E:CD
ValiditySat, 05 Oct 2024 00:56:28 GMT - Fri, 03 Jan 2025 00:56:27 GMT

File type
gzip compressed data, from Unix
Size
18 kB (17712 bytes)
Hash
c598f8bf9fe11f7b318f1c73f43ea72f
12af969dd0f9c6e3826e84b3e5c84ba000f8d08e
0dac9c712475de54ad8e0bfc46dce4d6c992a193cae5be96ce670d21690c5bb0

HTTP Headers

GET /richpartners/pops/js/pu-ob.js HTTP/1.1
Host: 7ool.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/x-javascript
x-amz-id-2: AkcKi2BzkPV3jxl3261qpVABtx39/rGvuRSj+8nBNUHJHEMTPFrfn6CC6dfUrAfk2RLARFagThE=
x-amz-request-id: EZV0PXVS7BKSHS8J
last-modified: Mon, 07 Oct 2024 11:58:55 GMT
etag: W/"6ffabec4290a76154425808d40c0b9bc"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2

dgbmining.online/bits-ads.php?type=0&&ids=51

188.114.96.1

200 OK

2.4 kB

URL GET HTTP/2
dgbmining.online/bits-ads.php?type=0&&ids=51
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdgbmining.online
Fingerprint60:72:17:0F:BF:39:FC:11:51:A3:92:A0:11:50:A7:EF:F7:8B:AA:4A
ValidityTue, 01 Oct 2024 05:54:34 GMT - Mon, 30 Dec 2024 05:54:33 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4267)
Size
2.4 kB (2359 bytes)
Hash
5b03c9982c9057517bbeb80adb36c1c6
fbe2daff25f0b9129fb8c14684df04dba9a43dfc
b35d2b83d8cfb154e26223d33494c898a7a34539cac1e0d40a3ffc0c311dbc0c

HTTP Headers

GET /bits-ads.php?type=0&&ids=51 HTTP/1.1
Host: dgbmining.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYE0tsDcy2nA26zmqOkM2cReKRzpLnrmqtwvxYfEyMPwLBtVK1EkPqTBTqg%2FGMIZDbf7GI7OkMCidc7zF5Ge6039irgrp0Nw7No5yVAnNcy6kYaQkvyOch32A6rGj2d6nhOs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812defed0b503-OSL
content-encoding: br
X-Firefox-Spdy: h2

autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.133.36

200 OK

4.4 kB

URL GET HTTP/2
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://autofaucet.org/wm/Usmanja200/4
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
gzip compressed data, from Unix
Size
4.4 kB (4358 bytes)
Hash
aac76e6ded11936169b854b26463cba8
ed9804936111a4ebbd9fb8bed4b33ee175a7e090
3d44bf34b84cf2dfb721f3cfb5dd1d66e64e5c18e341357d483432cce19a6586

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
etag: W/"66fc0c28-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CM3WYsvbH5JZMG02AGeB7x0QSkoZ2nmsHAuqf0I1JRqzyhoPRYLLJ0BlZCqHXHY0NL%2F4iu9IfKYVPEQHF05Il24%2B2vWqENdwfSyuCMxhEPQJIsuq3fLu2GGLgEokwQqx4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812e7ae9e070e-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 18:08:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

104.17.25.14

200 OK

4.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
ASCII text, with very long lines (65348)
Size
4.2 kB (4216 bytes)
Hash
c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

HTTP Headers

GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1855
expires: Sun, 28 Sep 2025 18:08:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzK75Twgpk8pM378ky7xj%2FIqc3dqJnRbF7Ob9cjJ%2FrW%2Bnfdu3Ho6qUGX6XLrRLViHQlaershbw1ZIOUlsOiX4XTFXBbtrecuJKyQXs66E1wrrgJvgfieF9Hivn%2Fj7VWQ5vS4hwF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8cf812e97892b521-OSL
X-Firefox-Spdy: h2

diclotrans.com/pick?id=35406&auth=3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032&iid=BANNER-35405&bw=728&bh=90&pid=PUB-9035&rid=REQ-35405&sid=SITE-35405&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410879917&h=&i=1728410879917&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

0 B

URL
diclotrans.com/pick?id=35406&auth=3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032&iid=BANNER-35405&bw=728&bh=90&pid=PUB-9035&rid=REQ-35405&sid=SITE-35405&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410879917&h=&i=1728410879917&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=35406&auth=3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032&iid=BANNER-35405&bw=728&bh=90&pid=PUB-9035&rid=REQ-35405&sid=SITE-35405&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410879917&h=&i=1728410879917&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y02dhYVHC1Met8G29SAMVRq6xDjkmBp7VlpRE6oWyYvskc9SZTJyIDddV2EId566nFfnZn%2FEdPI9QrM2zAyHaD11iq%2FUeIcp9MEWLjeZW6x2Dtr%2Fn%2F8a174xc6GmXT2GjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812e83bba1c0a-OSL
X-Firefox-Spdy: h2

diclotrans.com/pick?id=34038&auth=f44ec475425817afcf36eb7dee7c68ba054b45da&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410880222&h=&i=1728410880222&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

204 No Content

0 B

URL GET HTTP/2
diclotrans.com/pick?id=34038&auth=f44ec475425817afcf36eb7dee7c68ba054b45da&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410880222&h=&i=1728410880222&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=34038&auth=f44ec475425817afcf36eb7dee7c68ba054b45da&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410880222&h=&i=1728410880222&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDHbDJLfnq93pCPt5NOhpzz2KIKjb8PVNTOnTgQAAxKjuWcQi6%2FjytVyROGF31s5E8cmfeaFJiP7P8wFQ1O%2Bj58LsvlzfrrD5KGYFRq1Uymac9fL5r%2FnCCiQjQ5SxS9zLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812e83bb91c0a-OSL
X-Firefox-Spdy: h2

diclotrans.com/pick?id=34045&auth=622f648149ab241e1e0effb6e0e5ee7c936137be&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410880708&h=&i=1728410880708&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

200 OK

686 B

URL GET HTTP/2
diclotrans.com/pick?id=34045&auth=622f648149ab241e1e0effb6e0e5ee7c936137be&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410880708&h=&i=1728410880708&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JSON text data
Size
686 B (686 bytes)
Hash
6b2eff841ea3f3635224a8f27636f8ca
f7b429762fa8dddd5516f7556ffe8b5d10b471b1
4824f3c0b10781e128536d65a0f2bfe165eff937a244aebd09d0f44b5414c94e

HTTP Headers

GET /pick?id=34045&auth=622f648149ab241e1e0effb6e0e5ee7c936137be&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410880708&h=&i=1728410880708&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/json;charset=utf-8
content-length: 686
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9srlOeWxxw0jSpeGb2tWmuq%2FpPewF%2FsI7NGeogIyzk9xjx9tS3rKU%2Fu3uFDtDswNK1nBv8MTNfckFWdEpVlIggYGbK4iCJz3f76yEACgO8CQP%2Bnru0YLZIE1EFE4OOeG4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812e84bcb1c0a-OSL
X-Firefox-Spdy: h2

autofaucet.org/wm/Usmanja200/4

172.67.133.36

372 B

URL
autofaucet.org/wm/Usmanja200/4
IP
172.67.133.36:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
372 B (372 bytes)
Hash
89597f7d2d7a579f821aeed74be6f9ec
959f4ea441e8978da20fd076c5454ad3e9cff5fa
f152e0ec9083815a530124f029f2bd1bc43c305bae9b624deca51cfc96dca99b

HTTP Headers

GET /wm/Usmanja200/4 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=c157750fd6a556d3bfdff49c323c1897; path=/
d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=dd75f1bc88bf8ad70d44d3abd07c60bc; expires=Sun, 06-Apr-2025 18:08:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUz2tchx6j6%2BtMZomIDt%2B%2BvDEVEmb39aYoIWd%2FisJqlg3IyQJJvnrP9hNSFYX8mLQeaYE48eZVCTTOPbBZpBySJh8FT%2FLZfQ2ZUY1KloXlf9z4ZRA%2BdmVwb%2Bi%2B4uAwLNLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812e2c919070e-LHR
content-encoding: br
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

100 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type
JSON text data
Size
100 B (100 bytes)
Hash
c778aac1852c0b7b18c56b6094684fe7
8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb
e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d

HTTP Headers

POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 98
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Tue, 08 Oct 2024 18:08:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

dgbmining.online/files/logo/ror.png

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/2
dgbmining.online/files/logo/ror.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subjectdgbmining.online
Fingerprint60:72:17:0F:BF:39:FC:11:51:A3:92:A0:11:50:A7:EF:F7:8B:AA:4A
ValidityTue, 01 Oct 2024 05:54:34 GMT - Mon, 30 Dec 2024 05:54:33 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.3 kB (1332 bytes)
Hash
0aa41840890c5a642ffc30611ebe49e6
498561f3b7bfbb5fb5bdadaa09f3e6c6ed2e808e
cde43fc1deb01de84d046f6cc60be3d4006c09a96059c7ba8a1dd2a16372e3c9

HTTP Headers

GET /files/logo/ror.png HTTP/1.1
Host: dgbmining.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/bits-ads.php?type=0&&ids=51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: image/png
content-length: 1332
cache-control: public, max-age=604800
expires: Mon, 14 Oct 2024 07:34:21 GMT
last-modified: Fri, 09 Aug 2024 23:43:33 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 124419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8teWGClxXNLriLc7J3cx16mZQysE%2FbvB8UrI0qGYaH874k0BnJkPLVTFvKglLS7IM5AYo1s5%2BpthQ4V29MzgdCz1mpqI8%2FWP5r%2FEISPScEYDhNlB4gmgHdmZMsVsbRK8rGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812ea5d1ab503-OSL
X-Firefox-Spdy: h2

pwk5m.icu/js/responsive.js

185.66.201.43

1.6 kB

URL
pwk5m.icu/js/responsive.js
IP
185.66.201.43:0
ASN
#201702 skHosting.eu s.r.o.

File type
JavaScript source, ASCII text
Size
1.6 kB (1648 bytes)
Hash
5a5141403fa2cb9ce4b97dbddac9faf3
8916e3f27ab576942252480c0b8894f623b409fd
041844af03985a3d54b713ff8330682f1c90127f2a35944a77ee88ae05dba453

HTTP Headers

GET /js/responsive.js HTTP/1.1
Host: pwk5m.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 17:52:13 GMT
etag: W/"66f59f4d-149e"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2

lurgaimt.net/4/6974627

139.45.197.237

403 Forbidden

7 B

URL GET HTTP/2
lurgaimt.net/4/6974627
IP
139.45.197.237:443
ASN
#9002 RETN Limited

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectlurgaimt.net
FingerprintB6:C9:49:AF:5C:4F:C0:BB:3C:D6:16:6C:26:64:BA:CB:F7:F5:6D:25
ValidityWed, 02 Oct 2024 05:38:30 GMT - Tue, 31 Dec 2024 05:38:29 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe

HTTP Headers

GET /4/6974627 HTTP/1.1
Host: lurgaimt.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
server: nginx
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/plain; charset=utf-8
content-length: 7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

dgbmining.online/files/logo/ror.png

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/2
dgbmining.online/files/logo/ror.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subjectdgbmining.online
Fingerprint60:72:17:0F:BF:39:FC:11:51:A3:92:A0:11:50:A7:EF:F7:8B:AA:4A
ValidityTue, 01 Oct 2024 05:54:34 GMT - Mon, 30 Dec 2024 05:54:33 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.3 kB (1332 bytes)
Hash
0aa41840890c5a642ffc30611ebe49e6
498561f3b7bfbb5fb5bdadaa09f3e6c6ed2e808e
cde43fc1deb01de84d046f6cc60be3d4006c09a96059c7ba8a1dd2a16372e3c9

HTTP Headers

GET /files/logo/ror.png HTTP/1.1
Host: dgbmining.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/bits-ads.php?type=0&&ids=51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: image/png
content-length: 1332
cache-control: public, max-age=604800
expires: Mon, 14 Oct 2024 07:34:21 GMT
last-modified: Fri, 09 Aug 2024 23:43:33 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 124419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIY9p7%2F5VWNkY%2FtTVMle1hytBPWbriGl6mK2JQyUEC8JJ3q1auNkG9BvJQ31e0KJY%2FW5HZI8zNYtkxEYeDEgujzI87FfEH5%2BtmfJ35w5NY5OtMrUzpgil3DSQ61hmlY3Qgat"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812ea8d7ab503-OSL
X-Firefox-Spdy: h2

autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.133.36

200 OK

5.2 kB

URL GET HTTP/2
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://autofaucet.org/wm/Usmanja200/4
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
gzip compressed data, from Unix
Size
5.2 kB (5218 bytes)
Hash
b9f96bf2d178030dbe57199a85dc366c
2b4fd350a10bd664b70f021148981238507d7198
56e89cab5d3d51acd0aa6748161da9cab2d516458e2966516db9a16cff2bc96f

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
etag: W/"66fc0c28-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsqXOblSvu3hV4qrw2ScD53mm%2FqJEmcegCbhzm9xC7j3zGJ7d22oeJHAf6CmTbFkbGDv2geXQukAdjeUjOiAdlxfuZcoM0SYyqUbxcQw7s1cS5%2B%2BQyndJy7EovyRM3mG1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812e92861070e-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 18:08:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95f94a200f9102a5a7ae9ba88ad9cb7f
9f4163e43cb59556fa77f29666a1a4b9c0ac4dd7
6b24f173ab151584164a83d50a35b3bd6ee414ccae5b8f820d2def4c1b873458

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

coinads.online/coinadsadnetwork.php?codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle

188.114.96.1

157 kB

URL
coinads.online/coinadsadnetwork.php?codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (337)
Size
157 kB (156978 bytes)
Hash
0aa83f81484e63effcee6befa9ddc337
d8ba1876ab73f1838de376562d9b747736bfdfbc
59d62f138c797e68074e7f34936228666794a5357a41c91f230a7cd5eff349ee

HTTP Headers

GET /coinadsadnetwork.php?codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle HTTP/1.1
Host: coinads.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28hQxQkeCfK%2Fa4Zy4TQ%2FSlbxzXOY1qsWs2Ej59Ub9Qk1mLrSy2X%2BC8FdZP0FlH34FloFKcn6vobjvlzn9e3Ohdb1ZKdbm9kOwTnDjxmbVtyrQZX59J04RRdkga7NmoeTJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812e55a68712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

142.250.74.67

200 OK

218 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (724)
Size
218 kB (218137 bytes)
Hash
33aff52b82a1df246136e75500d93220
4675754451af81f996eab925923c31ef5115a9f4
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

HTTP Headers

GET /recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 218137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:01:38 GMT
expires: Wed, 08 Oct 2025 11:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8130379f932c603c0ccfdf9930b03365
02ebb6273929d42fac806fa6e3860feb53bc1c04
bad944c14e47f8dcacaf131cbcbca647db61794ec130b8abea574afa774fd469

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

piclinks.in/directlink?id=434910

188.114.97.1

1.3 kB

URL
piclinks.in/directlink?id=434910
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.3 kB (1256 bytes)
Hash
c6ef83a6181af39770d0cabb96653c52
04aa89b1b119ea5e074da69bbcd7da0ecf52402d
64d01462c4cd95c84f38a63f64730283749944dd7816f2fb1a9c172ec8a470ec

HTTP Headers

GET /directlink?id=434910 HTTP/1.1
Host: piclinks.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=1voccn85uvk6d7u8a1o1hiks0q; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xo0KO3sbWlNT3ovx6wolOUhrlR4EF2Vwanp8Y%2BWNPgQKfCzGTAeQebF2Zfzv7vkSZY252jgvZBl7qjFNw53U6zQmSYcU36Jn2guzMW%2Ft0676fkt61WmCaZVZLTexig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812e35ebdd9d8-FRA
content-encoding: br
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8130379f932c603c0ccfdf9930b03365
02ebb6273929d42fac806fa6e3860feb53bc1c04
bad944c14e47f8dcacaf131cbcbca647db61794ec130b8abea574afa774fd469

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

teleearnings.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2

34.78.83.233

200 OK

6.1 kB

URL GET HTTP/2
teleearnings.odoo.com/web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2
IP
34.78.83.233:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6112, version 1.0
Size
6.1 kB (6112 bytes)
Hash
b18bdccc4c54bd33db9669dfa3be3874
0ba2edc62a4f2218dba5db8e7a02d953e75fc38a
3903bc45057173250193d71977e61e1ae200c370be35d3753112b0d7ac57586f

HTTP Headers

GET /web/static/lib/odoo_ui_icons/fonts/odoo_ui_icons.woff2 HTTP/1.1
Host: teleearnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://teleearnings.odoo.com/web/assets/1/48f67e2/web.assets_frontend.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: font/woff2
content-length: 6112
last-modified: Wed, 11 Sep 2024 13:41:06 GMT
etag: "66e19df2-17e0"
expires: Wed, 09 Oct 2024 18:08:02 GMT
cache-control: max-age=86400
vary: Origin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2

piclinks.in/directlink?id=434911

188.114.97.1

200 OK

8.0 kB

URL GET HTTP/2
piclinks.in/directlink?id=434911
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectpiclinks.in
FingerprintEB:9D:90:E3:2D:7A:17:8B:2D:AF:76:50:35:D9:3A:F9:41:6B:62:26
ValiditySun, 08 Sep 2024 13:34:34 GMT - Sat, 07 Dec 2024 13:34:33 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
8.0 kB (8016 bytes)
Hash
bea2a4269e97f8b6f99e3066d1ea6c98
d6920dd2b7afc9c050f3c68683c836f073a2265d
cfab984dcaae544e57c00654a760dd8f8a7558720e57eae57c5c2d5cf6e58ad4

HTTP Headers

GET /directlink?id=434911 HTTP/1.1
Host: piclinks.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=971376kld0p57f2e3fsvbgpv9c; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pZ2ulNNDbZz5cA8HCpzhV1TYQEAAe%2BulygTK2i424LyonKkj0ZTiqFuMv1GedYmLDEkFJTqphZOojGrV5K7mVQ%2B0S6Fx8NGII2SHNNsZ2iq%2Fe93idmnReScXEqZ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812e35eb9d9d8-FRA
content-encoding: br
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.0.2/css/bootstrap.min.css

104.17.25.14

17 kB

URL
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.0.2/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
17 kB (16860 bytes)
Hash
abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

HTTP Headers

GET /ajax/libs/bootstrap/5.0.2/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/css; charset=utf-8
content-length: 16860
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60f77a4e-41dc"
last-modified: Wed, 21 Jul 2021 01:37:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 523847
expires: Sun, 28 Sep 2025 18:08:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlf2ohQIpF0TuX%2BqpXuAI9xagYJNxlUsTNMUw8Ro%2B%2Bn1BOKd%2F599zeGr6nTKaFpUWMPEK%2F%2BtcEPsNul3ot6xuv14Yee6GILcptoayZ16CSQ91r4%2FqIl6fH32r91J9f8PolZi1JRR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8cf812ecfe42b521-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-195030228-1

142.250.74.168

200 OK

79 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-195030228-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (4269)
Size
79 kB (78867 bytes)
Hash
06f64d13b3c36120cc2377c702ca322d
9a44acc0db0b1569fe0be8ac51f1e26ca74d80fb
a2ee52c011b94d947aaa700f09fae3876fac63263e5e8e5f1276dae6ae25bad7

HTTP Headers

GET /gtag/js?id=UA-195030228-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:02 GMT
expires: Tue, 08 Oct 2024 18:08:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 78867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.133.36

200 OK

83 kB

URL GET HTTP/2
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://autofaucet.org/wm/Usmanja200/4
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
gzip compressed data, from Unix
Size
83 kB (82687 bytes)
Hash
e73e80bbb9db9fc20fa847935a1aa22c
8f6585dfa798ed521f8a3102f9efd412b9eb7c59
3f8644d7a2cb95dd8e5c34083f4044edb03284edae9b10f232aaf8d21fa2d952

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
etag: W/"66fc0c28-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJR%2FyeEJ%2FHpHHruadtXydNs3neDmWSLH%2ByLsVBfyRPYRgMo6YmOXxvDN5z2AoDd0evmRyHW6Dm%2BM0jGkbjK%2BfnslaaPjiBbECI0jbSFtu%2FYFkSbnfHGNRA1TqJCuCSfrhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812e79e99070e-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 18:08:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

diclotrans.com/pick?id=34707&auth=fdc7a6a6665d7f946d627d7d2866dffaa549ac49&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881132&h=&i=1728410881132&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

204 No Content

0 B

URL GET HTTP/2
diclotrans.com/pick?id=34707&auth=fdc7a6a6665d7f946d627d7d2866dffaa549ac49&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881132&h=&i=1728410881132&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=34707&auth=fdc7a6a6665d7f946d627d7d2866dffaa549ac49&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881132&h=&i=1728410881132&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
Origin: https://e-earnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=knUR2GUx%2BU5UmCjQ5Z7Chu4%2FDuhdjHMDwY34GhFoPFIf1DK%2FVxqdAwr1HvlDDF47Z761OhcjhNPq1Ny349BkkMofnVZ9fEoxQIxiFW05WAcjeUPXxhaKh3ncKeGbu8dPKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812ecbf3e1c0a-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-WLBDN9B7XT

142.250.74.168

106 kB

URL
www.googletagmanager.com/gtag/js?id=G-WLBDN9B7XT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
106 kB (105981 bytes)
Hash
82503d87d58c29da1f7f14eb54ba5dc6
55677bc0373dd3a5500ccdf75c7dccbc03b2531f
ac669a9aef50f4fae88a1ee50734d33cf456c067868a359134b84fc103c8674d

HTTP Headers

GET /gtag/js?id=G-WLBDN9B7XT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:02 GMT
expires: Tue, 08 Oct 2024 18:08:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 105981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.133.36

200 OK

3.9 kB

URL GET HTTP/2
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://autofaucet.org/wm/Usmanja200/4
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
3.9 kB (3886 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
etag: W/"66fc0c28-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rN5ycQl4o67EFyNt5eqXwJ0cRz28upiDIQw1XqzaclIfmU%2Fq%2FiyfkEiwKvcMhHiITgFw3OBFNnUbzLfEbDROUYJzk3NZZZe%2BZRmXvXWwWSodxn94S3Rg49jJmDxUxunxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812e85f92070e-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 18:08:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

472 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
95f94a200f9102a5a7ae9ba88ad9cb7f
9f4163e43cb59556fa77f29666a1a4b9c0ac4dd7
6b24f173ab151584164a83d50a35b3bd6ee414ccae5b8f820d2def4c1b873458

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881513&h=&i=1728410881513&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

204 No Content

0 B

URL GET HTTP/2
diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881513&h=&i=1728410881513&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881513&h=&i=1728410881513&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1w6u4uTf8gO6bGFZ4BQrxSbbDwx2IcEszZVH%2B4mMKdxOX5UHUwY4QYIGfS0SBlKSOcxjbqh9apzt%2BBpkde2mYXR46sA9dcCmS6Dgs0a4VHYhQffvQvTEA160AfReoY1Ldw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812ed3fab1c0a-OSL
X-Firefox-Spdy: h2

autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.133.36

200 OK

83 kB

URL GET HTTP/2
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://autofaucet.org/wm/Usmanja200/4
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
gzip compressed data, from Unix
Size
83 kB (82693 bytes)
Hash
7e96d4882900325076700ac11556ed8a
a765a64301dd8c5d4ddb781aaee9f8d4fc075b06
155cab710ca33bf8dae43652a883ca3e8901710d9ed0f3271eb67b39ae1311e4

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
etag: W/"66fc0c28-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9bqYilAg5StyNuYff7rZG8JoT4YlSNhHqZLc8aaZlc3SxTnP%2FTXmKr6Nil48eZFANkhykG8DR3qYkUkS5VVOMBXUcafVhRX1JlRtopbmBYmzueEbWjmEWLUpaVtHihCSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812e82f5c070e-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 18:08:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881514&h=&i=1728410881514&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

204 No Content

0 B

URL GET HTTP/2
diclotrans.com/pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881514&h=&i=1728410881514&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=33992&auth=40152f9ed9185918187b08d034756019fef063c2&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410881514&h=&i=1728410881514&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqwXd8RZsiqIOiXhSkraMvxCux5yBoNiAWQO4LYnjl5LN7XVM7W7pYTCHPRnthU1cq%2BzoCMJSVSqb9tHro2GJZAjOdQZGpd6PGC8B2GMqO06luv%2FuvXUXIjccNg62DzKbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812eda82f1c0a-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-WLBDN9B7XT

142.250.74.168

106 kB

URL
www.googletagmanager.com/gtag/js?id=G-WLBDN9B7XT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
106 kB (105932 bytes)
Hash
cf2887535065512fc046b489554857f7
d53c12999e432320fdbd702687dc1355fb199bab
35f721bb3b9ff8827b40cf208893c07b61b27c48c48f7d5cc70a5dadaaa68c16

HTTP Headers

GET /gtag/js?id=G-WLBDN9B7XT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:02 GMT
expires: Tue, 08 Oct 2024 18:08:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 105932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

0 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

0 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

0 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key
Referer: https://teleearnings.odoo.com/
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type,x-api-key
access-control-max-age: 0
content-type: text/html; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.163

471 B

URL
o.pki.goog/wr2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b894963bba6d5ebd718630381c39a8bb
16daf68000d5ca111212e7bd66d9871c6c00c6b3
43fba7403c7c22a388bf82797ae22db214f19eee399682a78476bab09a3770af

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Oct 2024 18:08:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
41f46c9e8034e3a2a41705f3a41b669b
5f947098f81604c9c9b8be99d4ef2c695884f7f2
f43be8ed9e92442873a94d0a6d00e5e25253d6d398f9abff6f1c8cc39aca2c48

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F43BE8ED9E92442873A94D0A6D00E5E25253D6D398F9ABFF6F1C8CC39ACA2C48"
Last-Modified: Tue, 08 Oct 2024 04:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14504
Expires: Tue, 08 Oct 2024 22:09:46 GMT
Date: Tue, 08 Oct 2024 18:08:02 GMT
Connection: keep-alive

diclotrans.com/impr/ii/as/Chs5OTU1MDM5LTM0MDQ1LTE3Mjg0MTA4ODE0OTcQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIiEhV0ZWxlZWFybmluZ3Mub2Rvby5jb20qCURJUkVDVF8yMDoHCKr6jqvTAkICRU5iDAoKCAwQCRoEBfXhAGonCiUKBUlNQUdFEhxzczo2YzRiZTNjMDAzZGYwODUwLTI4ODA2ODQ4esABCgQI_YkCEhEKDwgYEBQaCQVd5qd5u6wAABqkAQoWCP___________wEQ____________ARIRCg8IGBAVGgkFa8deLWMQAAAadwoECPyJAhIRCg8IGBAVGgkFa8deLWMQAAAaXAoHCJ8VEOiXeRIRCg8IGBAVGgkFa8deLWMQAAAaPgoLCP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGhwKBwirIBDol3kSEQoPCBgQFRoJBWvHXi1jEAAAkAFkogEMSU5URVJTVElUSUFMqgEDMjQ2sAEBwgEAygEA0gEDV0VC2gEEMjc3MA/au/9955039-34045-1728410881497?ori=75x

172.67.139.102

302 Found

0 B

URL GET HTTP/2
diclotrans.com/impr/ii/as/Chs5OTU1MDM5LTM0MDQ1LTE3Mjg0MTA4ODE0OTcQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIiEhV0ZWxlZWFybmluZ3Mub2Rvby5jb20qCURJUkVDVF8yMDoHCKr6jqvTAkICRU5iDAoKCAwQCRoEBfXhAGonCiUKBUlNQUdFEhxzczo2YzRiZTNjMDAzZGYwODUwLTI4ODA2ODQ4esABCgQI_YkCEhEKDwgYEBQaCQVd5qd5u6wAABqkAQoWCP___________wEQ____________ARIRCg8IGBAVGgkFa8deLWMQAAAadwoECPyJAhIRCg8IGBAVGgkFa8deLWMQAAAaXAoHCJ8VEOiXeRIRCg8IGBAVGgkFa8deLWMQAAAaPgoLCP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGhwKBwirIBDol3kSEQoPCBgQFRoJBWvHXi1jEAAAkAFkogEMSU5URVJTVElUSUFMqgEDMjQ2sAEBwgEAygEA0gEDV0VC2gEEMjc3MA/au/9955039-34045-1728410881497?ori=75x
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impr/ii/as/Chs5OTU1MDM5LTM0MDQ1LTE3Mjg0MTA4ODE0OTcQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIiEhV0ZWxlZWFybmluZ3Mub2Rvby5jb20qCURJUkVDVF8yMDoHCKr6jqvTAkICRU5iDAoKCAwQCRoEBfXhAGonCiUKBUlNQUdFEhxzczo2YzRiZTNjMDAzZGYwODUwLTI4ODA2ODQ4esABCgQI_YkCEhEKDwgYEBQaCQVd5qd5u6wAABqkAQoWCP___________wEQ____________ARIRCg8IGBAVGgkFa8deLWMQAAAadwoECPyJAhIRCg8IGBAVGgkFa8deLWMQAAAaXAoHCJ8VEOiXeRIRCg8IGBAVGgkFa8deLWMQAAAaPgoLCP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGhwKBwirIBDol3kSEQoPCBgQFRoJBWvHXi1jEAAAkAFkogEMSU5URVJTVElUSUFMqgEDMjQ2sAEBwgEAygEA0gEDV0VC2gEEMjc3MA/au/9955039-34045-1728410881497?ori=75x HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 08 Oct 2024 18:08:02 GMT
content-length: 0
location: https://img.diclotrans.com/img/690/630dd5a2393ad.png
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQST%2FDz%2FUlvtlBv%2BwcJ0Yzd2sOfXb3wLfjpDnB4M8bIBSLrgWRwlYGfpqSQyV5Gy0eWEAJW4ntXbDHksEk0rj%2BxfVR4olTgUstgi6EpFQT6evNmPHG5IqKNtTUCG2jo8dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812f0db531c0a-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:29:57 GMT
expires: Fri, 03 Oct 2025 11:29:57 GMT
cache-control: public, max-age=31536000
age: 455885
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js

142.250.74.68

7.6 kB

URL
www.google.com/js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (18053)
Size
7.6 kB (7628 bytes)
Hash
61721b9fc4880c88e14e0251d0ffc033
27a8a3835b9f801e3d9302631d0db87d7c5cd4e6
4b36d33eb3e3d1164c877b0a91eec39b6475100390683d65ac524a0219c9d2d1

HTTP Headers

GET /js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:41:04 GMT
expires: Wed, 08 Oct 2025 11:41:04 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Sep 2024 15:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 23218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.67

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:45:56 GMT
expires: Thu, 10 Oct 2024 11:45:56 GMT
cache-control: public, max-age=604800
age: 454926
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:01:27 GMT
expires: Fri, 03 Oct 2025 11:01:27 GMT
cache-control: public, max-age=31536000
age: 457595
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dgbmining.online/files/logo/DGB468_60.svg

188.114.96.1

200 OK

128 kB

URL GET HTTP/2
dgbmining.online/files/logo/DGB468_60.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subjectdgbmining.online
Fingerprint60:72:17:0F:BF:39:FC:11:51:A3:92:A0:11:50:A7:EF:F7:8B:AA:4A
ValidityTue, 01 Oct 2024 05:54:34 GMT - Mon, 30 Dec 2024 05:54:33 GMT

File type
SVG Scalable Vector Graphics image
Size
128 kB (128298 bytes)
Hash
81f1d2fd5ad99a8937590340d84e8866
de150a59e69b0771dc4819f7847293dde7ced6bd
4c5258880b47e299d69a8eb2b687c6ef31a7a19c0dc00b523690813c8973bb37

HTTP Headers

GET /files/logo/DGB468_60.svg HTTP/1.1
Host: dgbmining.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/bits-ads.php?type=0&&ids=51
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Mon, 14 Oct 2024 07:22:39 GMT
last-modified: Wed, 14 Aug 2024 18:12:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 125122
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rx8JTFysYzfyzMLe4hA2atYykJUMmRmXWghtTjcGcRJ1iS6P32EsRT5uausy%2BVffic3hK89Ep6rZMqzz4sDvCb3Gkh52fe2lgTpTbXKcb93GqjmLemRoaiqzuXllZKLapXj9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812ea7d62b503-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:29:57 GMT
expires: Fri, 03 Oct 2025 11:29:57 GMT
cache-control: public, max-age=31536000
age: 455885
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.133.36

200 OK

4.0 kB

URL GET HTTP/2
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://autofaucet.org/wm/Usmanja200/4
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
4.0 kB (3986 bytes)
Hash
00f00a13cbde3c75fc2811867b3bf2eb
9a5320695147e6b946d9893bac4d695d08f1e8de
9d898dc65fc3e16d53dc6387717845212fd2c3226866ed503c779a1ed04a368e

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://autofaucet.org/wm/Usmanja200/8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 14:50:16 GMT
etag: W/"66fc0c28-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6%2B%2FX6FyUxjRL5f%2FToPce%2Fa1zGRuaLxZ%2BlFGFhzj1P6v5IWH9PGhHr9ojdyzZ4GZoqd9y54g6Jh5fClcO%2BzPIGvH1PXNp87kX%2F7E4tQ899RCflxS6nikqjMQnXs3ds%2FMow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812eaea1a070e-LHR
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 18:08:01 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

100 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type
JSON text data
Size
100 B (100 bytes)
Hash
c778aac1852c0b7b18c56b6094684fe7
8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb
e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d

HTTP Headers

POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 111
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Tue, 08 Oct 2024 18:08:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

services.7searchppc.com/api/adscript

149.28.70.94

204 No Content

100 B

URL OPTIONS HTTP/2
services.7searchppc.com/api/adscript
IP
149.28.70.94:443
ASN
#20473 AS-CHOOPA

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectservices.7searchppc.com
FingerprintFD:D1:C9:B1:7E:21:E0:26:D5:23:9A:6A:7E:6D:88:8C:74:7E:73:3E
ValidityThu, 05 Sep 2024 11:04:03 GMT - Wed, 04 Dec 2024 11:04:02 GMT

File type
JSON text data
Size
100 B (100 bytes)
Hash
c778aac1852c0b7b18c56b6094684fe7
8ecf3c38f4216f97bccf3e3298cc93a8ed0caedb
e1f6cad275c762aeacbe209cd7b3ab37b51a6b755ab18174854c1a7d17752a0d

HTTP Headers

POST /api/adscript HTTP/1.1
Host: services.7searchppc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
Content-Type: application/json
X-API-KEY: cs4788livKoP9i4Erwt6
Content-Length: 120
Origin: https://teleearnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: https://teleearnings.odoo.com
vary: Origin,Accept-Encoding
access-control-allow-credentials: true
content-encoding: gzip
content-length: 100
date: Tue, 08 Oct 2024 18:08:02 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

coinzillatag.com/lib/display.js

172.67.206.14

1.8 kB

URL
coinzillatag.com/lib/display.js
IP
172.67.206.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text
Size
1.8 kB (1760 bytes)
Hash
93e21bdde251fa273fdcfd8da703f55e
e9a95b32e520feacc817d9b228ed0c9215c596e7
be6c43b7970f629c7f87c2832b8c074b34004e228cb79f44a80d0c66be5de262

HTTP Headers

GET /lib/display.js HTTP/1.1
Host: coinzillatag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: application/javascript
content-length: 1760
last-modified: Thu, 26 Sep 2024 13:35:40 GMT
etag: "1893-62305d084ae85-gzip"
cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 13:37:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cf-cache-status: HIT
age: 448169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMeDAmfuF6fYS7h25CXODFBtEndfL6URiQDrSE8FQPvOZU7XElVe2jJqVwHv7ZhE4ANsf%2Bw9Gpokjny27PXquVfoQUS%2BG2pJscPieLHiDPNCT8UYgyKNeQE3Zmu7rPsaty3f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812f25f5f56b4-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-173236730-1

142.250.74.168

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-173236730-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ayelads.com/display/items.php?ad=3bLasn8&s=0&h=728x90
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (4269)
Size
79 kB (78800 bytes)
Hash
e2541eff25e4bb4ae85b7e3f5c9f33b3
ab2630fb58bfce05f4ffc0da5e13352c06690689
4b272cef58ed77c9d5a12847c3edb93539423b0fec86398450dbf71a56533eef

HTTP Headers

GET /gtag/js?id=UA-173236730-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ayelads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:02 GMT
expires: Tue, 08 Oct 2024 18:08:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 78800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
95 kB (94959 bytes)
Hash
60671b0e6e70954d4de75b74d4e4b75a
cec8d3a0418154b853cb395fa57978224e677d37
3ed1736378d17bda20ed1be36cffcc5a14fc19ef0824f9c5a6ea2a6dc0fd3e83

HTTP Headers

GET /gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:02 GMT
expires: Tue, 08 Oct 2024 18:08:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 94959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

coinzillatag.com/lib/display.js

172.67.206.14

1.8 kB

URL
coinzillatag.com/lib/display.js
IP
172.67.206.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text
Size
1.8 kB (1760 bytes)
Hash
93e21bdde251fa273fdcfd8da703f55e
e9a95b32e520feacc817d9b228ed0c9215c596e7
be6c43b7970f629c7f87c2832b8c074b34004e228cb79f44a80d0c66be5de262

HTTP Headers

GET /lib/display.js HTTP/1.1
Host: coinzillatag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: application/javascript
content-length: 1760
last-modified: Thu, 26 Sep 2024 13:35:40 GMT
etag: "1893-62305d084ae85-gzip"
cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 13:37:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cf-cache-status: HIT
age: 448170
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXCeXt1GcZ6ndlG9l%2FG6pUTE6e8jtKPeeX7id0QBHgbxuNgjJvlgSnmCYWChDnzVRaZw0Jsct55Jd%2F82BRhypJ%2B%2BIt6CKXfFlfUHP5rk95NKgoSst1F5r0Q%2BzWDiM236V69m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812f25f5856b4-OSL
X-Firefox-Spdy: h2

ayelads.com/page/image/logo_ad1.png

162.0.235.250

503 B

URL
ayelads.com/page/image/logo_ad1.png
IP
162.0.235.250:0
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subjectayelads.com
Fingerprint0F:E5:D3:44:BF:BA:32:B8:E8:10:C5:62:C2:C4:EB:A7:CD:13:A6:12
ValidityTue, 12 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT

File type
PNG image data, 24 x 16, 8-bit/color RGBA, non-interlaced
Size
503 B (503 bytes)
Hash
e1f020b8800f87692395b8ce51c1295a
c2ea69983bc7344787a0f277fec3f6d00ddf24d1
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d

HTTP Headers

GET /page/image/logo_ad1.png HTTP/1.1
Host: ayelads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ayelads.com/display/items.php?ad=3bLasn8&s=0&h=728x90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Oct 2024 18:08:03 GMT
content-type: image/png
last-modified: Fri, 27 Nov 2020 10:25:31 GMT
accept-ranges: bytes
content-length: 503
date: Tue, 08 Oct 2024 18:08:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

lokilokitwo.de:10006/

89.58.14.251

0 B

URL
lokilokitwo.de:10006/
IP
89.58.14.251:0
ASN
#197540 netcup GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: lokilokitwo.de:10006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://teleearnings.odoo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JZHITGTHl6ofJZ1FLROdYw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: PF68jXOX8/DAibZtX/x0kPKQNEI=

coinzillatag.com/lib/display.js

172.67.206.14

1.8 kB

URL
coinzillatag.com/lib/display.js
IP
172.67.206.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text
Size
1.8 kB (1760 bytes)
Hash
93e21bdde251fa273fdcfd8da703f55e
e9a95b32e520feacc817d9b228ed0c9215c596e7
be6c43b7970f629c7f87c2832b8c074b34004e228cb79f44a80d0c66be5de262

HTTP Headers

GET /lib/display.js HTTP/1.1
Host: coinzillatag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: application/javascript
content-length: 1760
last-modified: Thu, 26 Sep 2024 13:35:40 GMT
etag: "1893-62305d084ae85-gzip"
cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 13:37:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cf-cache-status: HIT
age: 448170
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7hNlbfxjGyniBkWfnwonCNrwh8jW6QK3DZ9k6m7EO4GbshFHJ9gRyCjcyS2r3%2BnDbbFQCTIUGi6uqQ0t0X3i%2Bv010rebivGDYZXjC1LPn31gaFNmgD7q%2BLGO9vZhFk05P9iA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812f3496756b4-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
95 kB (94965 bytes)
Hash
d41898241a28fc51c3115c1a59d67429
2596f2ede533416449b6a09734c2608f6851c679
41fbd64a27614862f13a02cc26fb620efb0a3a12bd23eda5e113c0e3918cedc8

HTTP Headers

GET /gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:03 GMT
expires: Tue, 08 Oct 2024 18:08:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 94965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

142.250.74.168

200 OK

95 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
95 kB (94957 bytes)
Hash
a959402136069ba1d22740d8b841293d
ec1f7845f05714540229dd4558885e2fcca38665
1c98def4ce736655ff06a2a2371a5ae55ab838b53bff05b48d747b50de1bc806

HTTP Headers

GET /gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:03 GMT
expires: Tue, 08 Oct 2024 18:08:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 94957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

diclotrans.com/pick?id=34705&auth=c3a8fe0c2fbb511c4dc2b9a07ca7e5e66c7fabdb&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410882102&h=&i=1728410882102&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

200 OK

803 B

URL GET HTTP/2
diclotrans.com/pick?id=34705&auth=c3a8fe0c2fbb511c4dc2b9a07ca7e5e66c7fabdb&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410882102&h=&i=1728410882102&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JSON text data
Size
803 B (803 bytes)
Hash
aae94be17258fabf1d7879f58539fb3e
7b18218e2f2163aef55352676e08fe09234b136d
df7d4f9535309fbfa54b20b72e8b1a1cbc3ed4ee95ff6e2279ec4e1c998fdfc0

HTTP Headers

GET /pick?id=34705&auth=c3a8fe0c2fbb511c4dc2b9a07ca7e5e66c7fabdb&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410882102&h=&i=1728410882102&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
Origin: https://e-earnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: application/json;charset=utf-8
content-length: 803
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJty8%2B%2F5Ye6z1erJXjc%2F21lIk1mLU6aZFo%2BNRvuR4ww%2Bs01cvgB8mlDBENUZbdOFadCFq%2FEbB764K6yE9luPzELQo2xPCMFGCJR62%2B1Uft%2FeVhKKdkdk6UvxPCktT75Wwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812f34d611c0a-OSL
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
eecd29391bd326c9c2d1d84f62eeff93
9d7165d2971cfb813b301835444d75a7fc07d48f
4666a19d10688f0beeeb6b184e1c589bb08f8832609945650443d5b29a2bdd71

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4666A19D10688F0BEEEB6B184E1C589BB08F8832609945650443D5B29A2BDD71"
Last-Modified: Sun, 06 Oct 2024 06:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7708
Expires: Tue, 08 Oct 2024 20:16:31 GMT
Date: Tue, 08 Oct 2024 18:08:03 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
eecd29391bd326c9c2d1d84f62eeff93
9d7165d2971cfb813b301835444d75a7fc07d48f
4666a19d10688f0beeeb6b184e1c589bb08f8832609945650443d5b29a2bdd71

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4666A19D10688F0BEEEB6B184E1C589BB08F8832609945650443D5B29A2BDD71"
Last-Modified: Sun, 06 Oct 2024 06:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7728
Expires: Tue, 08 Oct 2024 20:16:51 GMT
Date: Tue, 08 Oct 2024 18:08:03 GMT
Connection: keep-alive

www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

142.250.74.67

200 OK

218 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (724)
Size
218 kB (218137 bytes)
Hash
33aff52b82a1df246136e75500d93220
4675754451af81f996eab925923c31ef5115a9f4
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

HTTP Headers

GET /recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 218137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:01:38 GMT
expires: Wed, 08 Oct 2025 11:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Roboto&display=swap

142.250.74.106

29 kB

URL
fonts.googleapis.com/css2?family=Roboto&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (63220)
Size
29 kB (29094 bytes)
Hash
d76f213fb71af1babfb3720eca4500ca
90153abe4aeaa6f4c9d706209d0e57a8e378cce5
cd7679df683b65abc2ab32b07c0a10873a780ae301d65a10c35f09b90c0bfc50

HTTP Headers

GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Oct 2024 18:08:01 GMT
date: Tue, 08 Oct 2024 18:08:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/js/script.js?wkey=ojqyuZyqtY

109.109.136.213

200 OK

102 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/js/script.js?wkey=ojqyuZyqtY
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
102 kB (102543 bytes)
Hash
28a99db9abadc204eaf2e0417e089c77
5c766a42237e960fb9ebe15a15270243dd5d337b
9a93e47a3c7bc36caa781e579acc93f4cf36f8f51e9e43d00257fcfc69e47994

HTTP Headers

GET /js/script.js?wkey=ojqyuZyqtY HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:03 GMT
last-modified: Tue, 08 Oct 2024 18:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=71cbf250b7617ec404819c2494290103; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

fundsruffianfollows.com/3e2b4ce8a4309a654b8676923611b80f/invoke.js

192.243.59.20

11 kB

URL
fundsruffianfollows.com/3e2b4ce8a4309a654b8676923611b80f/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JavaScript source, ASCII text, with very long lines (24921), with no line terminators
Size
11 kB (11314 bytes)
Hash
a987b123d674b025e76cce288a5af547
932505f1050b08ae0411ae1ce41299f434b6795f
2c7651573a409d513dcd152773ca12ad44766e3173e456f15de7d3ef79481b2b

HTTP Headers

GET /3e2b4ce8a4309a654b8676923611b80f/invoke.js HTTP/1.1
Host: fundsruffianfollows.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 08 Oct 2024 18:08:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: fundsruffianfollows.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6cb6b69244b705ae5df929b0066462c0
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.a-ads.com/a-ads-banners/520977/320x50?region=eu-central-1

116.202.214.170

200 OK

8.6 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/520977/320x50?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
PNG image data, 320 x 50, 8-bit/color RGBA, non-interlaced
Size
8.6 kB (8591 bytes)
Hash
49b5a818080b363f715f1d37f8921824
af825ff6a5cfcb35fda4657bd1f070bd4348d5b7
544a71513510dde3c33e66fc63e4cba3f2b5d828b94568f6909830549b9bdcad

HTTP Headers

GET /a-ads-banners/520977/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/png
content-length: 8591
x-amz-id-2: /qNTL0GWqEjZU3hv+ZHIk3x17H5WiXZj+Jucu4GWFwhDm2o5ejGwY4uRhnOsCBAz97rTHjbLmNQ=
x-amz-request-id: 9GKKYZK7P3RN6JGA
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Aug 2024 09:27:45 GMT
etag: "49b5a818080b363f715f1d37f8921824"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: gW29sr8fXzgvr_8x7QmoJ13T5zK.o8zO
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/520980/468x60?region=eu-central-1

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/520980/468x60?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2315078?size=468x60
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced
Size
13 kB (12638 bytes)
Hash
232cdd212e382673591847587cb6746e
307def23e553e28469d1d80cbbe28dce479bd63f
c6e25cff8bffcf46bc3ef8606bdd71838a2c6ba9b00492dae4a56461175264b5

HTTP Headers

GET /a-ads-banners/520980/468x60?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/png
content-length: 12638
x-amz-id-2: xKjVVqCPTtv/VNRRyqTgAi95Gw/35Mf3MzDatSuGMtYGGQKsyobup7CsdWU+tr6kM1hmQP/3KbI=
x-amz-request-id: VTHWT8ZWKRFQ025Q
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Aug 2024 09:27:46 GMT
etag: "232cdd212e382673591847587cb6746e"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: odXS1vqqhSfF26kT.DxTukUfutOdOBep
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1

116.202.214.170

200 OK

143 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2355298?size=728x90
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 728 x 90
Size
143 kB (143037 bytes)
Hash
20f96d1e3f2bfa0e9c8e31909aad1cc5
076b1f8f084abf53723efc442fa4578d60f1799c
80936f4de85a22daa49fdf74ae4f2ae173852870ec8a3d5eecb4903b0e1758c7

HTTP Headers

GET /a-ads-banners/511868/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 143037
x-amz-id-2: PEPwQ8yEMo4ZLauXRVZPMeuw20EzUE0csd1q1jsYVVsBq4Azk+vAWFPj+lOy0gChmqlxqB9yujk=
x-amz-request-id: DW15J7A6HDC470HA
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 May 2024 02:44:14 GMT
etag: "20f96d1e3f2bfa0e9c8e31909aad1cc5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: H3z9TLrfrdaR34yV5D.5nDzjqGUpQr9t
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523828/468x60?region=eu-central-1

116.202.214.170

200 OK

370 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523828/468x60?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2315078?size=468x60
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 468 x 60
Size
370 kB (370226 bytes)
Hash
378db8cc56070f11abf161719b1e86ad
8e32e13027cf9bfd2d090dc64347e01ca9aaa952
1e31e3c72b4fdeb793ae97138dcdce2e7764c5b61486dd873a2d1cf664a50897

HTTP Headers

GET /a-ads-banners/523828/468x60?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: image/gif
content-length: 370226
x-amz-id-2: /B3MLwWM7sGHaxHve1mQ4cdfO5wBKDucTsFucscNWDLtnRz5z90EbOClXfAuFpX6UAEt3+EOV6TP6HvPkuDmAztvO/nj995/
x-amz-request-id: T9XPE5TMQGV1QH7H
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 07:58:46 GMT
etag: "378db8cc56070f11abf161719b1e86ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: g6RnrkTbZRzbKEowNHkRyjVqBjZP1KP3
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523829/320x50?region=eu-central-1

116.202.214.170

200 OK

271 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523829/320x50?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 50
Size
271 kB (271337 bytes)
Hash
156ee38850b4d1b3bd9ee4cd9a9a6954
e223075c65eea61b7e707803c484637c9b507482
be92db55056adb5720277fc663eba50f20c12ef36750355d6392548ca59f82e4

HTTP Headers

GET /a-ads-banners/523829/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: image/gif
content-length: 271337
x-amz-id-2: acd/L5jaABe2EUMoeAQWPWzPdEQAgXlxgql1IodVS9H6ANkmndp68Xuvl8cjr947p5QTyS35o8c=
x-amz-request-id: T9XG0T4DQS1JWE8T
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 07:58:46 GMT
etag: "156ee38850b4d1b3bd9ee4cd9a9a6954"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: QNKGwXV2OaU5UFX8AtWnYlooZATch_Ht
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1

116.202.214.170

200 OK

143 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2355298?size=728x90
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 728 x 90
Size
143 kB (143037 bytes)
Hash
20f96d1e3f2bfa0e9c8e31909aad1cc5
076b1f8f084abf53723efc442fa4578d60f1799c
80936f4de85a22daa49fdf74ae4f2ae173852870ec8a3d5eecb4903b0e1758c7

HTTP Headers

GET /a-ads-banners/511868/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 143037
x-amz-id-2: PEPwQ8yEMo4ZLauXRVZPMeuw20EzUE0csd1q1jsYVVsBq4Azk+vAWFPj+lOy0gChmqlxqB9yujk=
x-amz-request-id: DW15J7A6HDC470HA
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 May 2024 02:44:14 GMT
etag: "20f96d1e3f2bfa0e9c8e31909aad1cc5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: H3z9TLrfrdaR34yV5D.5nDzjqGUpQr9t
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

digitalhub.odoo.com/VPAIDFlash.swf

34.93.222.88

499 kB

URL
digitalhub.odoo.com/VPAIDFlash.swf
IP
34.93.222.88:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
gzip compressed data, max speed, from Unix
Size
499 kB (499056 bytes)
Hash
068da83e00329f8d4164a092f4f2c055
58b7cef0baa8e551e449fdc96f6a48a2dbbe1585
d8d59e9e3cf88dd3f91a3ec375a39d00267cb986097396dadb4a1232571f9f19

HTTP Headers

GET /VPAIDFlash.swf HTTP/1.1
Host: digitalhub.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/html;charset=utf-8
set-cookie: frontend_lang=en_US; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Path=/
frontend_lang=en_US; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Path=/
frontend_lang=en_US; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Path=/
session_id=lMlpCO8yZY7_UpaP43fXHkOkKMxelR4lL8obKy8qB5laO-nc6L4Dn4TLBvU7T_k6_Pmo3NXy5SSzutLj8zFk; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
frontend_lang=en_US; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Path=/
frontend_lang=en_US; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Path=/
session_id=lMlpCO8yZY7_UpaP43fXHkOkKMxelR4lL8obKy8qB5laO-nc6L4Dn4TLBvU7T_k6_Pmo3NXy5SSzutLj8zFk; Expires=Wed, 08 Oct 2025 18:08:01 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523897/320x100?region=eu-central-1

116.202.214.170

200 OK

409 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523897/320x100?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2355869?size=320x100
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 100
Size
409 kB (408855 bytes)
Hash
e6347d9ab08075b3f348e88bd5675cf5
bd45a76df09c3845ae67d7bb5090385ae9eb881e
2801a8ed26f6d2038d494f480530af6b9c92ecb6442d4d634f7b0b65284dd57b

HTTP Headers

GET /a-ads-banners/523897/320x100?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 408855
x-amz-id-2: 2UiAMIT+DyzDVu8Tj3eMp30El5KxVDLq3kls1GjExxmkdeSNbyVq01Ryv2ZzFq1zjyqCegIozVc=
x-amz-request-id: GABD96BXTTPE7MGP
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 08:03:07 GMT
etag: "e6347d9ab08075b3f348e88bd5675cf5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 9nAQOtlXwTganJPxL_fZUSZpBfX9.Upi
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

coinads.online/files/logo/ror.png

188.114.96.1

200 OK

645 B

URL GET HTTP/3
coinads.online/files/logo/ror.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM
Certificate
IssuerGoogle Trust Services
Subjectcoinads.online
Fingerprint11:13:F0:F2:5C:5B:54:CD:B8:BD:F8:62:78:1B:67:36:D2:24:26:9C
ValiditySun, 15 Sep 2024 21:31:07 GMT - Sat, 14 Dec 2024 21:31:06 GMT

File type
PNG image data, 16 x 16, 8-bit gray+alpha, non-interlaced
Size
645 B (645 bytes)
Hash
b9eaff4b7b66ff14a7c07376af330c6a
f04d55bec05b91b45bdbf658c397cd153d2d7e27
568e3768feba91a7ff887286c94fd678b82349af9a49d2012160b08dd1ace8e8

HTTP Headers

GET /files/logo/ror.png HTTP/1.1
Host: coinads.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/png
content-length: 645
cache-control: public, max-age=604800
expires: Thu, 10 Oct 2024 08:41:21 GMT
last-modified: Thu, 30 Nov 2023 00:14:09 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 466003
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EAnUqVwf5gT1bx%2B1wAijIJrb6ZZxDoGhdfUQhKQ8TNstdQpGSUfpc8GvRCc%2Fhk%2FLX%2FUO6uAlovlNrqtyTfXicYFlEoo95PAQCdiUuiXIubCNBVxIajM9c71GS%2B7byThLlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812f9bab956b9-OSL

static.a-ads.com/a-ads-banners/523878/468x60?region=eu-central-1

116.202.214.170

200 OK

370 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523878/468x60?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2315078?size=468x60
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 468 x 60
Size
370 kB (370226 bytes)
Hash
378db8cc56070f11abf161719b1e86ad
8e32e13027cf9bfd2d090dc64347e01ca9aaa952
1e31e3c72b4fdeb793ae97138dcdce2e7764c5b61486dd873a2d1cf664a50897

HTTP Headers

GET /a-ads-banners/523878/468x60?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: image/gif
content-length: 370226
x-amz-id-2: 34kvBe6cT5JmuJ6e2ErB724F2ndOz1vvaOFNkJu+z+MyF40nAT2umK8tqokBttLnDbaqTavZ/DQ=
x-amz-request-id: AMFAE29DWQHVE9Z9
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 08:02:14 GMT
etag: "378db8cc56070f11abf161719b1e86ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 0KiVsO4zIxkCV7bly8Gdv8XCuq3Lc95Y
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM

188.114.96.1

2.0 kB

URL
coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (4265)
Size
2.0 kB (1951 bytes)
Hash
cea16fd9cc3b28a6286589e471c400ef
fb7c38557b3941e33bdd76566740bd822615192d
5a92e7d0f70d930db2bb962db43352ef4c1f6f818d323cf5b3ab43a0815066c2

HTTP Headers

GET /bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM HTTP/1.1
Host: coinads.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=6f8800ca62a1edbc089e5773a2d7c09e; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jAsQzEnJeBfKMghYRmoXSdlCymJLDP9aZUjWnWqKCS%2Bemv0jhQKRfXhasiQC%2BlxBRQIIOXzGObg8nvfzMjQS9IH3%2BduBvTAYawaakh%2FxRO6%2BxWkxNkWPtDYSZYK%2FRAyg5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812eaf85056b9-OSL
content-encoding: br

static.a-ads.com/a-ads-banners/520983/300x250?region=eu-central-1

116.202.214.170

439 kB

URL
static.a-ads.com/a-ads-banners/520983/300x250?region=eu-central-1
IP
116.202.214.170:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 300 x 250
Size
439 kB (439298 bytes)
Hash
31dd4a08247c4834aed0f171ba9bc85e
932bb6a26fa9ec31d8c3ce33b22d2513c729cfef
429354d3eb541909f88f42c6e39dfbf8dba21e23f0d9b3d495f51cb2b2ea427b

HTTP Headers

GET /a-ads-banners/520983/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 439298
x-amz-id-2: ZswaGq9o8pUdBaG04DowISIsuYy4nX/PbyphnfBPuog74LNUdPLauEvu6Lo7uQeQcU9a0y5BcA4=
x-amz-request-id: 21P3DNP563ADBSZ9
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Aug 2024 09:27:48 GMT
etag: "31dd4a08247c4834aed0f171ba9bc85e"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: BTJEFv9ll1sRf2il.whuzL1fEIkg143Y
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523829/320x50?region=eu-central-1

116.202.214.170

200 OK

271 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523829/320x50?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 50
Size
271 kB (271337 bytes)
Hash
156ee38850b4d1b3bd9ee4cd9a9a6954
e223075c65eea61b7e707803c484637c9b507482
be92db55056adb5720277fc663eba50f20c12ef36750355d6392548ca59f82e4

HTTP Headers

GET /a-ads-banners/523829/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 271337
x-amz-id-2: acd/L5jaABe2EUMoeAQWPWzPdEQAgXlxgql1IodVS9H6ANkmndp68Xuvl8cjr947p5QTyS35o8c=
x-amz-request-id: T9XG0T4DQS1JWE8T
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 07:58:46 GMT
etag: "156ee38850b4d1b3bd9ee4cd9a9a6954"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: QNKGwXV2OaU5UFX8AtWnYlooZATch_Ht
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

coinads.online/files/banners/b-2_300x250_qg211fhg.gif

188.114.96.1

40 kB

URL
coinads.online/files/banners/b-2_300x250_qg211fhg.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 300 x 250
Size
40 kB (39714 bytes)
Hash
d6b8e1f56f496560ff4a87ac74223177
20060e440bde4c08b5e749fcf81c9857e16735b0
657b785c9a801a9552d1f3b63bbee13b7aa71f7835168bf6d3131854f7db01ed

HTTP Headers

GET /files/banners/b-2_300x250_qg211fhg.gif HTTP/1.1
Host: coinads.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 39714
cache-control: public, max-age=604800
expires: Wed, 09 Oct 2024 03:31:24 GMT
last-modified: Thu, 07 Dec 2023 13:22:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 571000
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKzaTlabpE0Zo5wDU8EDfVwbtekgKQNuL%2FLLfDVzeXJX284VrUN6m9Si4ZkYvGKyR3qFMbSkRU%2Fi6qdOG3ia3GQqbiXAn%2FbZXB%2FsR8xOeP7aeO5ibT55GD%2FXUIQwuvLHAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812f9aa9556b9-OSL

draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

142.250.147.191

1.6 kB

URL
draft.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (948)
Size
1.6 kB (1565 bytes)
Hash
ced74b8e33264e74dac17d5e2bd9c2da
915c640ac2920748b6b8c0061ca4c6118f75abff
4db255b5377ee5636fdfe178a3373beb59eed50d174a1b3077e154652d99cf78

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.fWM8InyZ2kE.es5.O/ck=boq-blogger.BloggerCommentUi.0FELmjTaf54.L.F4.O/am=BgABxA/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2x1qHh834xar3HIC6rRLx0bla5jw/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://draft.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1565
date: Tue, 08 Oct 2024 18:08:04 GMT
expires: Wed, 08 Oct 2025 18:08:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 07 Oct 2024 23:05:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ad.a-ads.com/2355298?size=728x90

116.202.214.170

200 OK

414 kB

URL GET HTTP/2
ad.a-ads.com/2355298?size=728x90
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://coinads.online/allads.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
414 kB (414431 bytes)
Hash
64e9f73474d7241079593510077cdecf
bc35b6387352b02fad5bb29b8eec56fe7489a4e9
8bebfa591e02474f772f424e57a4ec521fab2860169b2dac014281393a9446d5

HTTP Headers

GET /2355298?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523877/320x100?region=eu-central-1

116.202.214.170

200 OK

409 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523877/320x100?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2355869?size=320x100
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 100
Size
409 kB (408855 bytes)
Hash
e6347d9ab08075b3f348e88bd5675cf5
bd45a76df09c3845ae67d7bb5090385ae9eb881e
2801a8ed26f6d2038d494f480530af6b9c92ecb6442d4d634f7b0b65284dd57b

HTTP Headers

GET /a-ads-banners/523877/320x100?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 408855
x-amz-id-2: msowZ6yi8fqYj5O7BjcnId/kF39DM8dEvwYyQl8mrCIV6Ns+c6a967i2aCJ0uHK2O1RH61sC9zo=
x-amz-request-id: Q8XG9EKSZG521CAK
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 08:02:14 GMT
etag: "e6347d9ab08075b3f348e88bd5675cf5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 2KM9LPCXFOr9E62E4nTnJC4c1YmF3a_M
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/js/script.js?wkey=ojqyuZyqtY

109.109.136.213

200 OK

7.9 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/js/script.js?wkey=ojqyuZyqtY
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
7.9 kB (7912 bytes)
Hash
705411c57460ed7759137fb23b67c25e
87b4580c6d308d40af74d8f9751d7b2d43d7b7c3
569f3cd4b1076be135ac2eca68f4ac6e64434d06f2d57e340ee83b497a794bf5

HTTP Headers

GET /js/script.js?wkey=ojqyuZyqtY HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:03 GMT
last-modified: Tue, 08 Oct 2024 18:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=5d7573d67191f489767476aa551e9701; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523890/300x250?region=eu-central-1

116.202.214.170

487 kB

URL
static.a-ads.com/a-ads-banners/523890/300x250?region=eu-central-1
IP
116.202.214.170:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 300 x 250
Size
487 kB (486594 bytes)
Hash
a8494a1bdebcdefa9a5dabb427fb39f6
4fa09ac96ccd7f5e1a4ce63a026796eb845d1847
4ef9c160a7d3f7e538e2ef617f667d41224f8907a3cfc4f91c112350c4ab1f84

HTTP Headers

GET /a-ads-banners/523890/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:03 GMT
content-type: image/gif
content-length: 486594
x-amz-id-2: YgWbXGzWir6yllCJb9p8RwT5wQ6eag79pLWdRMjWaXOMUvCzDRYfz3boLd2Qg9VcOuZOIlapptk=
x-amz-request-id: GAB9PYT0PAXA0F4D
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 08:02:16 GMT
etag: "a8494a1bdebcdefa9a5dabb427fb39f6"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: Wn6RZkHMhk4BziqQnz42zZEIh2twOb7V
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1

116.202.214.170

200 OK

143 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2355298?size=728x90
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 728 x 90
Size
143 kB (143037 bytes)
Hash
20f96d1e3f2bfa0e9c8e31909aad1cc5
076b1f8f084abf53723efc442fa4578d60f1799c
80936f4de85a22daa49fdf74ae4f2ae173852870ec8a3d5eecb4903b0e1758c7

HTTP Headers

GET /a-ads-banners/511868/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: image/gif
content-length: 143037
x-amz-id-2: PEPwQ8yEMo4ZLauXRVZPMeuw20EzUE0csd1q1jsYVVsBq4Azk+vAWFPj+lOy0gChmqlxqB9yujk=
x-amz-request-id: DW15J7A6HDC470HA
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 May 2024 02:44:14 GMT
etag: "20f96d1e3f2bfa0e9c8e31909aad1cc5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: H3z9TLrfrdaR34yV5D.5nDzjqGUpQr9t
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

request-global.czilladx.com/serve/get.php?withoutAdCode=1&z=7695f96e977909c5700&w=1&h=1&wd=0&n=1796656607038

142.93.100.104

327 B

URL
request-global.czilladx.com/serve/get.php?withoutAdCode=1&z=7695f96e977909c5700&w=1&h=1&wd=0&n=1796656607038
IP
142.93.100.104:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (410), with no line terminators
Size
327 B (327 bytes)
Hash
7e0574c96a7a95d72e8bd162fef7e660
4d58ff2ea5a2bcca561aae6812035c23c1af9d7a
ec2f024f87956350e487d6156711a16f75d14544c2830cd161ae22e6d84175a4

HTTP Headers

GET /serve/get.php?withoutAdCode=1&z=7695f96e977909c5700&w=1&h=1&wd=0&n=1796656607038 HTTP/1.1
Host: request-global.czilladx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Oct 2024 18:08:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://dgbmining.online
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jul 2012 00:00:00 GMT
Access-Control-Allow-Headers: *
Content-Encoding: br
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

request-global.czilladx.com/serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=b065dcc55f40c946b33582acf97a8b2971803585cf362eb9e0a05dad97feb93d&integrity=eyJrZXkiOiJiYjM4ZjhiOWY5MTcwYTA5ZTM0NWU2ODFmMDU0OTU4MWY5NDRjNmIyMDc1ZWFkNzk5NGEzMTJiMzZlNmQ0MmUxIiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiZTA4MTkxNGI4NWMyODk5NzFiMDk1NjU1N2I0OGE2MGZiN2NlNTE4MzIyOWJhOWFiMGFiNWM5NTdiNjk0YWEzNCJ9

142.93.100.104

200 OK

527 B

URL GET HTTP/1.1
request-global.czilladx.com/serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=b065dcc55f40c946b33582acf97a8b2971803585cf362eb9e0a05dad97feb93d&integrity=eyJrZXkiOiJiYjM4ZjhiOWY5MTcwYTA5ZTM0NWU2ODFmMDU0OTU4MWY5NDRjNmIyMDc1ZWFkNzk5NGEzMTJiMzZlNmQ0MmUxIiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiZTA4MTkxNGI4NWMyODk5NzFiMDk1NjU1N2I0OGE2MGZiN2NlNTE4MzIyOWJhOWFiMGFiNWM5NTdiNjk0YWEzNCJ9
IP
142.93.100.104:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subjectcoinzilla.com
FingerprintD2:8E:F9:83:85:90:15:BD:07:36:B0:DA:A2:09:67:EF:8B:DA:F4:59
ValidityTue, 13 Aug 2024 00:00:00 GMT - Fri, 12 Sep 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1191), with no line terminators
Size
527 B (527 bytes)
Hash
2d8594de94bf0c9d076a785e03bd871c
90265fe98469f62c18e1b1d5d932e4d8f0d7ac49
1f055996e373724aee9497ec1cfb83eb4dd4bfc58b01980c6c9b4ae989bf0160

HTTP Headers

GET /serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=b065dcc55f40c946b33582acf97a8b2971803585cf362eb9e0a05dad97feb93d&integrity=eyJrZXkiOiJiYjM4ZjhiOWY5MTcwYTA5ZTM0NWU2ODFmMDU0OTU4MWY5NDRjNmIyMDc1ZWFkNzk5NGEzMTJiMzZlNmQ0MmUxIiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiZTA4MTkxNGI4NWMyODk5NzFiMDk1NjU1N2I0OGE2MGZiN2NlNTE4MzIyOWJhOWFiMGFiNWM5NTdiNjk0YWEzNCJ9 HTTP/1.1
Host: request-global.czilladx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Oct 2024 18:08:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jul 2012 00:00:00 GMT
Access-Control-Allow-Headers: *
Content-Encoding: br
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

coinzillatag.com/lib/display.js

172.67.206.14

1.8 kB

URL
coinzillatag.com/lib/display.js
IP
172.67.206.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text
Size
1.8 kB (1760 bytes)
Hash
93e21bdde251fa273fdcfd8da703f55e
e9a95b32e520feacc817d9b228ed0c9215c596e7
be6c43b7970f629c7f87c2832b8c074b34004e228cb79f44a80d0c66be5de262

HTTP Headers

GET /lib/display.js HTTP/1.1
Host: coinzillatag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/javascript
content-length: 1760
last-modified: Thu, 26 Sep 2024 13:35:40 GMT
etag: "1893-62305d084ae85-gzip"
cache-control: public, max-age=604800
expires: Sat, 02 Nov 2024 13:37:29 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cf-cache-status: HIT
age: 448172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mww3P3TP28hnnpFiLLLzLNVtDB3D%2FUe%2BlcVErz47nTo8z5ZpDlB2yFWIJq4BVm6axBNmdC5H8ncJQi1VOYwq%2FHA2Dox1Wqu7PbTYPEItpLKU6lkqbhI2dPFm1qOPwA%2Fj0DyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812ffbf2956b4-OSL
X-Firefox-Spdy: h2

request-global.czilladx.com/serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=777bcbfc18306297aa02eeff54bbce54bcaa10aec96bc71b72c8aecc4144712a&integrity=eyJrZXkiOiIyNzUwZjZlOGEyZWY3MzU1YTMyZjk5Nzg0MjNiZDc0ZTZjY2YwNjBlODViYjkzZWFkYzZmN2VjYjY1ZTYwOGE2IiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiYTlkNWNkYWU2NjVkYjUwNGRjMDcyNzdmNWE3ODMwMTA4YzA5ZTdmOTY1YmNmZmZlZDdkM2MyMWExMTcyYmVjZSJ9

142.93.100.104

527 B

URL
request-global.czilladx.com/serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=777bcbfc18306297aa02eeff54bbce54bcaa10aec96bc71b72c8aecc4144712a&integrity=eyJrZXkiOiIyNzUwZjZlOGEyZWY3MzU1YTMyZjk5Nzg0MjNiZDc0ZTZjY2YwNjBlODViYjkzZWFkYzZmN2VjYjY1ZTYwOGE2IiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiYTlkNWNkYWU2NjVkYjUwNGRjMDcyNzdmNWE3ODMwMTA4YzA5ZTdmOTY1YmNmZmZlZDdkM2MyMWExMTcyYmVjZSJ9
IP
142.93.100.104:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text, with very long lines (1191), with no line terminators
Size
527 B (527 bytes)
Hash
2d8594de94bf0c9d076a785e03bd871c
90265fe98469f62c18e1b1d5d932e4d8f0d7ac49
1f055996e373724aee9497ec1cfb83eb4dd4bfc58b01980c6c9b4ae989bf0160

HTTP Headers

GET /serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=777bcbfc18306297aa02eeff54bbce54bcaa10aec96bc71b72c8aecc4144712a&integrity=eyJrZXkiOiIyNzUwZjZlOGEyZWY3MzU1YTMyZjk5Nzg0MjNiZDc0ZTZjY2YwNjBlODViYjkzZWFkYzZmN2VjYjY1ZTYwOGE2IiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiYTlkNWNkYWU2NjVkYjUwNGRjMDcyNzdmNWE3ODMwMTA4YzA5ZTdmOTY1YmNmZmZlZDdkM2MyMWExMTcyYmVjZSJ9 HTTP/1.1
Host: request-global.czilladx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jul 2012 00:00:00 GMT
Access-Control-Allow-Headers: *
Content-Encoding: br
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

request-global.czilladx.com/serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=5612c00d28c27487e1a95546b24daa929193aa189b4f35b77f872c171974896b&integrity=eyJrZXkiOiIxYzdmODhhMjkzYmE4YTU0NzAxNGRmNTM1MzVjZDhiMGViYWMyY2QyNzEwNjI5ZmJkNTY4Y2FkYmNhZmMxZjJlIiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiZmU0NTc2MGVjZjU1MDkyODFhYmM2ODAzMjc0NWExNjVlMzMxNThiYmYxYzE2NGExZGFjZGE5YTNkMTE2MzE1ZSJ9

142.93.100.104

527 B

URL
request-global.czilladx.com/serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=5612c00d28c27487e1a95546b24daa929193aa189b4f35b77f872c171974896b&integrity=eyJrZXkiOiIxYzdmODhhMjkzYmE4YTU0NzAxNGRmNTM1MzVjZDhiMGViYWMyY2QyNzEwNjI5ZmJkNTY4Y2FkYmNhZmMxZjJlIiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiZmU0NTc2MGVjZjU1MDkyODFhYmM2ODAzMjc0NWExNjVlMzMxNThiYmYxYzE2NGExZGFjZGE5YTNkMTE2MzE1ZSJ9
IP
142.93.100.104:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text, with very long lines (1191), with no line terminators
Size
527 B (527 bytes)
Hash
2d8594de94bf0c9d076a785e03bd871c
90265fe98469f62c18e1b1d5d932e4d8f0d7ac49
1f055996e373724aee9497ec1cfb83eb4dd4bfc58b01980c6c9b4ae989bf0160

HTTP Headers

GET /serve/view.php?w=POPUNDER&h=&z=7695f96e977909c5700&c=DEFAULT&n=5612c00d28c27487e1a95546b24daa929193aa189b4f35b77f872c171974896b&integrity=eyJrZXkiOiIxYzdmODhhMjkzYmE4YTU0NzAxNGRmNTM1MzVjZDhiMGViYWMyY2QyNzEwNjI5ZmJkNTY4Y2FkYmNhZmMxZjJlIiwidGltZXN0YW1wIjoxNzI4NDEwODg0LCJpZGVudGlmaWVyIjoiZmU0NTc2MGVjZjU1MDkyODFhYmM2ODAzMjc0NWExNjVlMzMxNThiYmYxYzE2NGExZGFjZGE5YTNkMTE2MzE1ZSJ9 HTTP/1.1
Host: request-global.czilladx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jul 2012 00:00:00 GMT
Access-Control-Allow-Headers: *
Content-Encoding: br
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
063f97ed6d5a135ebf236080b15ef74c
9fbdaaa82d623a004eb2caa9e76dcb8c6b87942a
9ad717f232114c46375b5fc5794ed295265741702a22e372e41e85cee967c6a8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9AD717F232114C46375B5FC5794ED295265741702A22E372E41E85CEE967C6A8"
Last-Modified: Tue, 08 Oct 2024 04:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8352
Expires: Tue, 08 Oct 2024 20:27:17 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
063f97ed6d5a135ebf236080b15ef74c
9fbdaaa82d623a004eb2caa9e76dcb8c6b87942a
9ad717f232114c46375b5fc5794ed295265741702a22e372e41e85cee967c6a8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9AD717F232114C46375B5FC5794ED295265741702A22E372E41E85CEE967C6A8"
Last-Modified: Tue, 08 Oct 2024 04:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8352
Expires: Tue, 08 Oct 2024 20:27:17 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
063f97ed6d5a135ebf236080b15ef74c
9fbdaaa82d623a004eb2caa9e76dcb8c6b87942a
9ad717f232114c46375b5fc5794ed295265741702a22e372e41e85cee967c6a8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9AD717F232114C46375B5FC5794ED295265741702A22E372E41E85CEE967C6A8"
Last-Modified: Tue, 08 Oct 2024 04:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8352
Expires: Tue, 08 Oct 2024 20:27:17 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
063f97ed6d5a135ebf236080b15ef74c
9fbdaaa82d623a004eb2caa9e76dcb8c6b87942a
9ad717f232114c46375b5fc5794ed295265741702a22e372e41e85cee967c6a8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9AD717F232114C46375B5FC5794ED295265741702A22E372E41E85CEE967C6A8"
Last-Modified: Tue, 08 Oct 2024 04:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8352
Expires: Tue, 08 Oct 2024 20:27:17 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
063f97ed6d5a135ebf236080b15ef74c
9fbdaaa82d623a004eb2caa9e76dcb8c6b87942a
9ad717f232114c46375b5fc5794ed295265741702a22e372e41e85cee967c6a8

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9AD717F232114C46375B5FC5794ED295265741702A22E372E41E85CEE967C6A8"
Last-Modified: Tue, 08 Oct 2024 04:05:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8352
Expires: Tue, 08 Oct 2024 20:27:17 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

request-global.czilladx.com/serve/get.php?withoutAdCode=1&z=7695f96e977909c5700&w=1&h=1&wd=0&n=2305035033532

142.93.100.104

200 OK

326 B

URL GET HTTP/1.1
request-global.czilladx.com/serve/get.php?withoutAdCode=1&z=7695f96e977909c5700&w=1&h=1&wd=0&n=2305035033532
IP
142.93.100.104:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://coinads.online/allads.php
Certificate
IssuerSectigo Limited
Subjectcoinzilla.com
FingerprintD2:8E:F9:83:85:90:15:BD:07:36:B0:DA:A2:09:67:EF:8B:DA:F4:59
ValidityTue, 13 Aug 2024 00:00:00 GMT - Fri, 12 Sep 2025 23:59:59 GMT

File type
ASCII text, with very long lines (410), with no line terminators
Size
326 B (326 bytes)
Hash
54c6f1c2f277d1eca82965ab03e7d556
697f71c9f0064ef47263e435d5c09121ca67a94d
2eb6fb13a39d9a8f2baad9a53c1e69d1b6d110addf0fe32e0975902be4a50f2d

HTTP Headers

GET /serve/get.php?withoutAdCode=1&z=7695f96e977909c5700&w=1&h=1&wd=0&n=2305035033532 HTTP/1.1
Host: request-global.czilladx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://coinads.online
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sun, 29 Jul 2012 00:00:00 GMT
Access-Control-Allow-Headers: *
Content-Encoding: br
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: ded29f5a-0e07-4f64-ac6e-f3035e785d20
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=ded29f5a-0e07-4f64-ac6e-f3035e785d20; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=8c2e835b44175e253f408a06a8a8cad6; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 8e607641-d2e1-432c-8a9a-65d6429f2325
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=8e607641-d2e1-432c-8a9a-65d6429f2325; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=1ae2bd1ef82bf90de26e91f94a523b73; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: b4bc8c68-1a09-4ece-8cd1-ac4a1901585d
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=b4bc8c68-1a09-4ece-8cd1-ac4a1901585d; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=c55b6af840700334cdbe92fc4e5f7f3b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8459a275afed6c304cc68f33114c61e0
ac54de1bdbf572195b00269e05dcec24b7ad458f
fc0f6d7cf00cac4ba77f7ed9e3e5829fdaa8f2f93fe470a7fd68deee4696c7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 08 Oct 2024 18:08:05 GMT
Last-Modified: Tue, 08 Oct 2024 16:55:54 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wDLI1PUqcx9YrsbGaZBPsa7WllhgaGv5UrvsmZq9nM2M3RqVMyJ5oA==
Age: 4331

7ool.net/richpartners/pops/js/fp.js

31.204.132.208

200 OK

16 kB

URL GET HTTP/2
7ool.net/richpartners/pops/js/fp.js
IP
31.204.132.208:443
ASN
#49544 i3D.net B.V

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subject7ool.net
FingerprintDF:7F:E2:B7:46:AB:B4:2D:6A:7F:1B:BC:DE:B6:94:CA:FD:6A:5E:CD
ValiditySat, 05 Oct 2024 00:56:28 GMT - Fri, 03 Jan 2025 00:56:27 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37753)
Size
16 kB (16071 bytes)
Hash
4c7bedb3a22db4ccd067bca560c03ae2
c570fd718424301c624a3c1f4b2fed1bfe22cb88
3022822ddb652d058ac2088501e282714d1409c09009e9f25f0b7313028f45b4

HTTP Headers

GET /richpartners/pops/js/fp.js HTTP/1.1
Host: 7ool.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://richinfo.co/
Origin: https://e-earnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/x-javascript
x-amz-id-2: 8bm2x/FAFFeduESkckhCtrrFI+JjhWes9+VNtv4bj//7xdxcupLw8T3AuuGI8P60Mfn/FYtnoxDs7hep05S6XIAsCzHcexL1gp+dAELLv14=
x-amz-request-id: D9A3Q3AZ32R1M749
last-modified: Mon, 07 Oct 2024 11:58:55 GMT
etag: W/"4c7bedb3a22db4ccd067bca560c03ae2"
x-amz-server-side-encryption: AES256
access-control-allow-origin: https://e-earnings.odoo.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a8d333970bb1119e5b6efa36a1baab1a
396f0d77122d0d6540b4bc5f7f1d9f075563b2c6
d899029af97995db0f377a2155b37091a6fba3699527fd8b51ce5be6eab92d02

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D899029AF97995DB0F377A2155B37091A6FBA3699527FD8B51CE5BE6EAB92D02"
Last-Modified: Tue, 08 Oct 2024 04:01:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6865
Expires: Tue, 08 Oct 2024 20:02:30 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b4e7bd334d458f2e79ead306ee5aad34
bf7c5fe577df431cfb44730cc89f6360ce8a2e0a
36454953aeabbc5c5e59c775eae616e5e4063b35e73cc19a89a511e5255d9f08

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "36454953AEABBC5C5E59C775EAE616E5E4063B35E73CC19A89A511E5255D9F08"
Last-Modified: Tue, 08 Oct 2024 04:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9071
Expires: Tue, 08 Oct 2024 20:39:16 GMT
Date: Tue, 08 Oct 2024 18:08:05 GMT
Connection: keep-alive

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8459a275afed6c304cc68f33114c61e0
ac54de1bdbf572195b00269e05dcec24b7ad458f
fc0f6d7cf00cac4ba77f7ed9e3e5829fdaa8f2f93fe470a7fd68deee4696c7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 08 Oct 2024 18:08:05 GMT
Last-Modified: Tue, 08 Oct 2024 16:47:24 GMT
Server: ECAcc (ska/F7B0)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 07bCQjs_Vafo-FyH0yl4qt6_bBFfMe5bihTKEtCaHE50FEW_JM41NQ==
Age: 4841

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8459a275afed6c304cc68f33114c61e0
ac54de1bdbf572195b00269e05dcec24b7ad458f
fc0f6d7cf00cac4ba77f7ed9e3e5829fdaa8f2f93fe470a7fd68deee4696c7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 08 Oct 2024 18:08:05 GMT
Last-Modified: Tue, 08 Oct 2024 16:46:15 GMT
Server: ECAcc (ska/F6A0)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hRS6t3sDW1W6MGZCgz74IJMsbRJ5BF7Gte-WM50tNMzDb4MYXjyx6Q==
Age: 4910

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dgbmining.online/
Content-Type: application/json
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: fabbc315-b8be-4555-8c68-2d582fcd16f9
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=fabbc315-b8be-4555-8c68-2d582fcd16f9; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=1ae2bd1ef82bf90de26e91f94a523b73; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1

116.202.214.170

200 OK

143 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/511868/728x90?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2355298?size=728x90
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 728 x 90
Size
143 kB (143037 bytes)
Hash
20f96d1e3f2bfa0e9c8e31909aad1cc5
076b1f8f084abf53723efc442fa4578d60f1799c
80936f4de85a22daa49fdf74ae4f2ae173852870ec8a3d5eecb4903b0e1758c7

HTTP Headers

GET /a-ads-banners/511868/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: image/gif
content-length: 143037
x-amz-id-2: PEPwQ8yEMo4ZLauXRVZPMeuw20EzUE0csd1q1jsYVVsBq4Azk+vAWFPj+lOy0gChmqlxqB9yujk=
x-amz-request-id: DW15J7A6HDC470HA
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 May 2024 02:44:14 GMT
etag: "20f96d1e3f2bfa0e9c8e31909aad1cc5"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: H3z9TLrfrdaR34yV5D.5nDzjqGUpQr9t
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dgbmining.online/
Content-Type: application/json
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: b1120d12-59b1-48d9-a2c3-a6f97b2fd89e
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=b1120d12-59b1-48d9-a2c3-a6f97b2fd89e; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=8c2e835b44175e253f408a06a8a8cad6; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dgbmining.online/
Content-Type: application/json
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://dgbmining.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 3b12e3d4-6c4b-42c3-87ac-7569f78a5b95
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=3b12e3d4-6c4b-42c3-87ac-7569f78a5b95; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=1ae2bd1ef82bf90de26e91f94a523b73; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523894/468x60?region=eu-central-1

116.202.214.170

370 kB

URL
static.a-ads.com/a-ads-banners/523894/468x60?region=eu-central-1
IP
116.202.214.170:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 468 x 60
Size
370 kB (370226 bytes)
Hash
378db8cc56070f11abf161719b1e86ad
8e32e13027cf9bfd2d090dc64347e01ca9aaa952
1e31e3c72b4fdeb793ae97138dcdce2e7764c5b61486dd873a2d1cf664a50897

HTTP Headers

GET /a-ads-banners/523894/468x60?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: image/gif
content-length: 370226
x-amz-id-2: K8s3lF6R/BohVDd6G8/q4TR46AL2wdlFfq2oXET1JD+wna7AEFjgAOlSHxHkD8326hJEyTO0RkKFHAo4L2WVmQ==
x-amz-request-id: 3Z8PS6M0KVTFPWZR
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 08:03:07 GMT
etag: "378db8cc56070f11abf161719b1e86ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: ihlsJKqRNq0XwDEA8qBW_M6EXIqvltYv
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/523829/320x50?region=eu-central-1

116.202.214.170

200 OK

271 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/523829/320x50?region=eu-central-1
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 320 x 50
Size
271 kB (271337 bytes)
Hash
156ee38850b4d1b3bd9ee4cd9a9a6954
e223075c65eea61b7e707803c484637c9b507482
be92db55056adb5720277fc663eba50f20c12ef36750355d6392548ca59f82e4

HTTP Headers

GET /a-ads-banners/523829/320x50?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: image/gif
content-length: 271337
x-amz-id-2: acd/L5jaABe2EUMoeAQWPWzPdEQAgXlxgql1IodVS9H6ANkmndp68Xuvl8cjr947p5QTyS35o8c=
x-amz-request-id: T9XG0T4DQS1JWE8T
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 07:58:46 GMT
etag: "156ee38850b4d1b3bd9ee4cd9a9a6954"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: QNKGwXV2OaU5UFX8AtWnYlooZATch_Ht
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

ctracking.io/check

109.109.135.103

204 No Content

0 B

URL GET HTTP/2
ctracking.io/check
IP
109.109.135.103:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerLet's Encrypt
Subjectctracking.io
Fingerprint34:7D:DE:A7:77:48:AD:4D:CC:C7:2E:06:4D:E7:9B:0A:51:D5:C3:CF
ValidityFri, 16 Aug 2024 13:02:58 GMT - Thu, 14 Nov 2024 13:02:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /check HTTP/1.1
Host: ctracking.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coinads.online/
Content-Type: application/json
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://coinads.online
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 9239ae68-8006-4927-9f1b-4eb5600d81e2
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: ctuid=9239ae68-8006-4927-9f1b-4eb5600d81e2; Path=/; Domain=ctracking.io; Expires=Wed, 08 Oct 2025 18:08:05 GMT; HttpOnly; Secure; SameSite=None
route=c55b6af840700334cdbe92fc4e5f7f3b; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

static.a-ads.com/a-ads-banners/520979/320x100?region=eu-central-1

116.202.214.170

15 kB

URL
static.a-ads.com/a-ads-banners/520979/320x100?region=eu-central-1
IP
116.202.214.170:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
PNG image data, 320 x 100, 8-bit/color RGBA, non-interlaced
Size
15 kB (14871 bytes)
Hash
6a4b45a5a6d6b8a2fccceba701fb9af2
9b4f3b1ef0078d8247d4657ed6bb8a98d616e3fd
9bb75fde9054d53e5016b1eb71ea1a3f3cc852010ae113913a41d06a4cad4d43

HTTP Headers

GET /a-ads-banners/520979/320x100?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: image/png
content-length: 14871
x-amz-id-2: l6oGFynqqj02m1ruqRmSnkVrNBwvIuau+OhYf/jCskjGGhrQZuMwzkh939Djr1HtP5+0tRLkPHI=
x-amz-request-id: 6APN8TQ6HJWF5AY8
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Aug 2024 09:27:46 GMT
etag: "6a4b45a5a6d6b8a2fccceba701fb9af2"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: wqpAnXfzgzkyKpTFwzfYCdsRHfMqWk78
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

lokilokitwo.de:10006/

89.58.15.35

0 B

URL
lokilokitwo.de:10006/
IP
89.58.15.35:0
ASN
#197540 netcup GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: lokilokitwo.de:10006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://digitalhub.odoo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ij42eezrhjzjEltGsmNMbA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: DxiIAfrUAV17yLnHJbvEpsfR3Fg=

static.a-ads.com/a-ads-banners/523838/300x250?region=eu-central-1

116.202.214.170

487 kB

URL
static.a-ads.com/a-ads-banners/523838/300x250?region=eu-central-1
IP
116.202.214.170:0
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 300 x 250
Size
487 kB (486594 bytes)
Hash
a8494a1bdebcdefa9a5dabb427fb39f6
4fa09ac96ccd7f5e1a4ce63a026796eb845d1847
4ef9c160a7d3f7e538e2ef617f667d41224f8907a3cfc4f91c112350c4ab1f84

HTTP Headers

GET /a-ads-banners/523838/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: image/gif
content-length: 486594
x-amz-id-2: UqnvWlW1QHNJU40Muj9kp+8RPnN9KB74tEbzrl2V3pfx46a6LViId2RWv7diDeZqAlGQabB/oS5D4Hm4NmGg+xFagN/SlahN
x-amz-request-id: T9XXSQY2ZE2FG2SP
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Oct 2024 07:58:48 GMT
etag: "a8494a1bdebcdefa9a5dabb427fb39f6"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 2gNrTjIOV_ignI3cYgeHsqdqwgPeBtu6
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

ad.a-ads.com/2355877?size=300x250

116.202.214.170

200 OK

6.8 kB

URL GET HTTP/2
ad.a-ads.com/2355877?size=300x250
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
6.8 kB (6752 bytes)
Hash
965c48877100af0dae15b878d63277e0
cceb2f78749dd21f901511e6edb32bab84de9705
85769166fcc57549e21ca53936f253da02b85d5abc1e5aa3e546677e8f0f6d7d

HTTP Headers

GET /2355877?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

obtaintrout.com/watch.686057647555.js?key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&refer=https%3A%2F%2Fdigitalhub.odoo.com%2F&tz=0&dev=e&res=14.2071&rb=&uuid=

172.240.108.76

0 B

URL
obtaintrout.com/watch.686057647555.js?key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&refer=https%3A%2F%2Fdigitalhub.odoo.com%2F&tz=0&dev=e&res=14.2071&rb=&uuid=
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.686057647555.js?key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&refer=https%3A%2F%2Fdigitalhub.odoo.com%2F&tz=0&dev=e&res=14.2071&rb=&uuid= HTTP/1.1
Host: obtaintrout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://piclinks.in
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://piclinks.in
Access-Control-Allow-Origin: https://piclinks.in
Access-Control-Allow-Credentials: true
Location: https://obtaintrout.com/watch.686057647555.js?dev=e&key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&pst=1728410945&rb=&refer=https%3A%2F%2Fdigitalhub.odoo.com%2F&res=14.2071&rmtc=t&shu=9cd0996e6287f5ad2347f7fa8f672535c8f5105c3619623a2f31ebefd632dd02968ad7cae0dc661cc6d8ca0b5cf62243e1c435150051e5416e26d0b58493257a2624a7bf204963ecad92036cabce0a9cf3f01f738e4bbd525b2d88&tz=0&uuid=
Set-Cookie: u_pl=19896630; expires=Wed, 09 Oct 2024 18:08:05 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg5NjYzMCwiayI6IjNlMmI0Y2U4YTQzMDlhNjU0Yjg2NzY5MjM2MTFiODBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzM3NDMwLCJwaWQiOjgzMjQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJnajM2OWtraCIsImNwa3MiOnsiMjgiOiJmZTcyNzM1OTg0MDUzMGQ5ODVlNGQ4NDhlMTIzZmQ1NCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9kaWdpdGFsaHViLm9kb28uY29tLyIsImFyIjpbXX19.8ZB_OXaRmrsqKnz5gcKOHglEXpVnK-v3eF0CA9i0ygc; expires=Tue, 08 Oct 2024 18:09:05 GMT; path=/; secure; SameSite=None
Host: obtaintrout.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 78e3625ed57ccfa2c606e4714fee251f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

lonerprevailed.com/watch.1552443231707.js?key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&tz=0&dev=e&res=14.2071&rb=&uuid=

172.240.108.76

0 B

URL
lonerprevailed.com/watch.1552443231707.js?key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&tz=0&dev=e&res=14.2071&rb=&uuid=
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1552443231707.js?key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&tz=0&dev=e&res=14.2071&rb=&uuid= HTTP/1.1
Host: lonerprevailed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://piclinks.in
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://piclinks.in
Access-Control-Allow-Origin: https://piclinks.in
Access-Control-Allow-Credentials: true
Location: https://lonerprevailed.com/watch.1552443231707.js?dev=e&key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&pst=1728410945&rb=&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&res=14.2071&rmtc=t&shu=57d3c938dd03d2c2b50dd2f8f0a8ec6bc967264cc03a36b95bce8ccd3512e8fcbd56e0a0003e9b41422523c81fe984ffdeb11919191e44b5579509d97ca00188088c67634158b8a8aa7b0b010d8e44610c2292628c775ea0661d74&tz=0&uuid=
Set-Cookie: u_pl=19896630; expires=Wed, 09 Oct 2024 18:08:05 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg5NjYzMCwiayI6IjNlMmI0Y2U4YTQzMDlhNjU0Yjg2NzY5MjM2MTFiODBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzM3NDMwLCJwaWQiOjgzMjQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJnajM2OWtraCIsImNwa3MiOnsiMjgiOiJmZTcyNzM1OTg0MDUzMGQ5ODVlNGQ4NDhlMTIzZmQ1NCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9lLWVhcm5pbmdzLm9kb28uY29tLyIsImFyIjpbXX19.lGIG8DIWDzXykgJWPPJenVOQKcEnsFhLUtJnIXrx1F0; expires=Tue, 08 Oct 2024 18:09:05 GMT; path=/; secure; SameSite=None
Host: lonerprevailed.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4269d9b057a6051da22d3301b144d0a7
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

lonerprevailed.com/fe/72/73/fe727359840530d985e4d848e123fd54.js

192.243.59.20

34 kB

URL
lonerprevailed.com/fe/72/73/fe727359840530d985e4d848e123fd54.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33660 bytes)
Hash
ccaf4cc947cbb81f9e06b56a3a4064d5
26dceb0b38cba8888890d4f8148fb7bd80d2f640
05e9a1a8818a0669cb33c10a137dbec9e897c7156af3c883ac13781cb89b485a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fe/72/73/fe727359840530d985e4d848e123fd54.js HTTP/1.1
Host: lonerprevailed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: lonerprevailed.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 3c3907eef370a86929642fae24996c8e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

obtaintrout.com/fe/72/73/fe727359840530d985e4d848e123fd54.js

192.243.61.227

34 kB

URL
obtaintrout.com/fe/72/73/fe727359840530d985e4d848e123fd54.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33662 bytes)
Hash
40405f74fbb8cac70f7c2030e75eca34
7732728f3b0ebeba1a5fa9852e126af6362cd83c
3a2e8ca451a575e15022dd0bcaf3ef16b62201d638bb161bb70531683d9f758f

HTTP Headers

GET /fe/72/73/fe727359840530d985e4d848e123fd54.js HTTP/1.1
Host: obtaintrout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 08 Oct 2024 18:08:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: obtaintrout.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 5b95fcdb7350bc469c2027223ac9f152
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

eu.convers.link/users/info?callback=userinfo_rp_pu

109.200.199.111

49 kB

URL
eu.convers.link/users/info?callback=userinfo_rp_pu
IP
109.200.199.111:0
ASN
#49544 i3D.net B.V

File type
gzip compressed data, from Unix
Size
49 kB (48641 bytes)
Hash
90ba0f871076e0136d1c6b8e680509da
0f3db056376d104fe649706ca679df594e3dd3c4
750c185d02a7956cb0331d3823c637e85ab345192227cfb404c88bd3dfbe41ff

HTTP Headers

GET /users/info?callback=userinfo_rp_pu HTTP/1.1
Host: eu.convers.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/json;charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/3
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/2353305?size=320x50
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ad.a-ads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 13:02:51 GMT
expires: Sun, 05 Oct 2025 13:02:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
age: 277514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ad.a-ads.com/1110727?size=728x90
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:48:CD:9D:CD:36:2C:BF:35:F8:E0:82:73:2B:F8:79:64:BB:AE:F7
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1339 bytes)
Hash
902daf45b8a5c2a07ea3116534f6b699
03ed9fd3d6940a9a0e2d0e6a49388e9fb8839541
8051c30ac78c3131eb70c3ddb17f71093b7fc6f5d1bd2f54b9853598e6f3f628

HTTP Headers

GET /css2?family=Inter:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Oct 2024 18:08:05 GMT
date: Tue, 08 Oct 2024 18:08:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288

109.109.136.213

200 OK

697 B

URL GET HTTP/2
appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (697), with no line terminators
Size
697 B (697 bytes)
Hash
d50878e9e6a825e4e946b5504757f185
e4d714a00ead20b7079d8b3989f6cf449cc4fe7e
4661af2a1102d437be6149188d92d82b5e8991bf8e942d2ba0834250c0e44677

HTTP Headers

GET /static/popunder.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/javascript; charset=UTF-8
content-length: 697
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=71cbf250b7617ec404819c2494290103; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288

109.109.136.213

200 OK

697 B

URL GET HTTP/2
appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (697), with no line terminators
Size
697 B (697 bytes)
Hash
d50878e9e6a825e4e946b5504757f185
e4d714a00ead20b7079d8b3989f6cf449cc4fe7e
4661af2a1102d437be6149188d92d82b5e8991bf8e942d2ba0834250c0e44677

HTTP Headers

GET /static/popunder.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: application/javascript; charset=UTF-8
content-length: 697
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:06 GMT
last-modified: Tue, 08 Oct 2024 18:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=b69b7737fc9de3bcfcefb724b85e82b2; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288

109.109.136.213

200 OK

697 B

URL GET HTTP/2
appsha-pnd.ctengine.io/static/popunder.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (697), with no line terminators
Size
697 B (697 bytes)
Hash
d50878e9e6a825e4e946b5504757f185
e4d714a00ead20b7079d8b3989f6cf449cc4fe7e
4661af2a1102d437be6149188d92d82b5e8991bf8e942d2ba0834250c0e44677

HTTP Headers

GET /static/popunder.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: application/javascript; charset=UTF-8
content-length: 697
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:06 GMT
last-modified: Tue, 08 Oct 2024 18:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=71cbf250b7617ec404819c2494290103; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

35.158.166.153

40 B

URL
proftrafficcounter.com/stats
IP
35.158.166.153:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
6a1fcd4b42e1cb9e671fb49ec55dacf3
75a9d76769d01458b4e74416fd0332d470352db7
dcc21180980415a1a713dc56938324a67d962f3f128d9de5db0a6f4fcc0d56fe

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://piclinks.in
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://piclinks.in
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ac5fde2f-8f78-465f-aba5-45868a13303b:1:1; expires=Fri, 06 Oct 2034 18:08:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

35.158.166.153

40 B

URL
proftrafficcounter.com/stats
IP
35.158.166.153:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
02b24b4275a207b5c6865c09392ed7e6
18ef77e6c05c76953ec288ddb15b7ef6cd71e621
6c0719fe1b6bcc2e0f76fd07e750ca11be49ac8fdb636c3b0187c45d4cbb2859

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://piclinks.in
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://piclinks.in
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ed4ae9df-04cd-4001-bc81-6ea76d7dc072:1:1; expires=Fri, 06 Oct 2034 18:08:06 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

cdn.coinzilla.com/base/click.html?type=popunder&zone=7695f96e977909c5700

104.26.3.188

200 OK

1.0 kB

URL GET HTTP/2
cdn.coinzilla.com/base/click.html?type=popunder&zone=7695f96e977909c5700
IP
104.26.3.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGoogle Trust Services
Subjectcoinzilla.com
Fingerprint2E:84:C9:12:FD:E9:E3:25:14:71:13:75:C6:63:5B:33:13:23:48:0C
ValidityThu, 05 Sep 2024 00:48:37 GMT - Wed, 04 Dec 2024 00:48:36 GMT

File type
HTML document, ASCII text, with very long lines (885)
Size
1.0 kB (1005 bytes)
Hash
f88b0da6844323d820a2a28446ac6eb1
683c873ffaa9041284561377c08eddfa447656fb
91f63e22f3cb73362fa8abc1e712208c5d38676a7741082d1656982e998d9d47

HTTP Headers

GET /base/click.html?type=popunder&zone=7695f96e977909c5700 HTTP/1.1
Host: cdn.coinzilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://request-global.czilladx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: text/html
last-modified: Wed, 03 Aug 2022 12:13:18 GMT
cache-control: max-age=604800, public
expires: Tue, 15 Oct 2024 18:08:05 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44h6QrDUZkcj1CJtQGh%2BZSQ9SdTs%2FxnDfmqEpoedR7pPzKEHB1etHrZhnrU2LF4cFeG0TRiTVc%2BnjeMpqyw29mU1hxTWXDlM3kgKUBqTYE7qlHyjqmJxwtevpKJAqQegR2%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf813040b7256b7-OSL
content-encoding: br
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/slide.js?v=1724924326288

109.109.136.213

200 OK

2.0 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/slide.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (9632), with no line terminators
Size
2.0 kB (2004 bytes)
Hash
d9fcb9b0fa640c4d8af9924f7ddfed76
9d14e36d46e6ddd72bf7d8e53ca832e10764857f
2466fab8e5278776d3a39d39e83d4dc232a0fcaf67a69bc58762a9d4f9d87201

HTTP Headers

GET /static/slide.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=71cbf250b7617ec404819c2494290103; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288

109.109.136.213

200 OK

3.8 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (31064), with no line terminators
Size
3.8 kB (3824 bytes)
Hash
bb72e129d9a2235a2764076efdf9ce98
001a9c8ee635030f5e53144e432fffb4ad5f334c
fada96d99565f27c0749dcfba771f2eb552bc0f76e98b2b88153a8bbe548cb8b

HTTP Headers

GET /static/inpage.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=b69b7737fc9de3bcfcefb724b85e82b2; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288

109.109.136.213

200 OK

4.3 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
4.3 kB (4328 bytes)
Hash
a4e6c0cced2fd985f30fda16e69f7496
8f72a1b50bc7ce7e0f110cdfcb3b42af0dc8f3a4
3bff0ad1634ae7aecb63399e05bebb25aeca0eb68f3a7e7defdaa8f9e290d75b

HTTP Headers

GET /static/inpage.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=5d7573d67191f489767476aa551e9701; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

lonerprevailed.com/watch.1552443231707.js?dev=e&key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&pst=1728410945&rb=&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&res=14.2071&rmtc=t&shu=57d3c938dd03d2c2b50dd2f8f0a8ec6bc967264cc03a36b95bce8ccd3512e8fcbd56e0a0003e9b41422523c81fe984ffdeb11919191e44b5579509d97ca00188088c67634158b8a8aa7b0b010d8e44610c2292628c775ea0661d74&tz=0&uuid=

172.240.108.76

0 B

URL
lonerprevailed.com/watch.1552443231707.js?dev=e&key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&pst=1728410945&rb=&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&res=14.2071&rmtc=t&shu=57d3c938dd03d2c2b50dd2f8f0a8ec6bc967264cc03a36b95bce8ccd3512e8fcbd56e0a0003e9b41422523c81fe984ffdeb11919191e44b5579509d97ca00188088c67634158b8a8aa7b0b010d8e44610c2292628c775ea0661d74&tz=0&uuid=
IP
172.240.108.76:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1552443231707.js?dev=e&key=3e2b4ce8a4309a654b8676923611b80f&kw=%5B%22piclinks-%22%2C%22viewdl%22%5D&pst=1728410945&rb=&refer=https%3A%2F%2Fe-earnings.odoo.com%2F&res=14.2071&rmtc=t&shu=57d3c938dd03d2c2b50dd2f8f0a8ec6bc967264cc03a36b95bce8ccd3512e8fcbd56e0a0003e9b41422523c81fe984ffdeb11919191e44b5579509d97ca00188088c67634158b8a8aa7b0b010d8e44610c2292628c775ea0661d74&tz=0&uuid= HTTP/1.1
Host: lonerprevailed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://piclinks.in
Referer: https://piclinks.in/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19896630; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg5NjYzMCwiayI6IjNlMmI0Y2U4YTQzMDlhNjU0Yjg2NzY5MjM2MTFiODBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzM3NDMwLCJwaWQiOjgzMjQ3NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJnajM2OWtraCIsImNwa3MiOnsiMjgiOiJmZTcyNzM1OTg0MDUzMGQ5ODVlNGQ4NDhlMTIzZmQ1NCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9lLWVhcm5pbmdzLm9kb28uY29tLyIsImFyIjpbXX19.lGIG8DIWDzXykgJWPPJenVOQKcEnsFhLUtJnIXrx1F0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 08 Oct 2024 18:08:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://piclinks.in
Access-Control-Allow-Origin: https://piclinks.in
Access-Control-Allow-Credentials: true
Host: lonerprevailed.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e391b1ec6e85a6090c8872f23886c9b2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288

109.109.136.213

200 OK

89 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
89 kB (89202 bytes)
Hash
4760588a7b63fd2d1b3ac217760656dd
293626f20c4ec82e05cd4f15c9755dc0d8ea9bfb
2d6cb485b3f877739203943e24fb3925d09bacf94a0abe8703ee5c2af25f91dc

HTTP Headers

GET /static/inpage.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:06 GMT
last-modified: Tue, 08 Oct 2024 18:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=b69b7737fc9de3bcfcefb724b85e82b2; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0b097625f10926c3ead37110209bb313
6df4ce3f906b9b2938f5fbc42262fd4db7d5c3a6
a8a9673cdbb6c8559280e20dca38176f5b9175f85f327ca665dff9668346302c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A8A9673CDBB6C8559280E20DCA38176F5B9175F85F327CA665DFF9668346302C"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10641
Expires: Tue, 08 Oct 2024 21:05:27 GMT
Date: Tue, 08 Oct 2024 18:08:06 GMT
Connection: keep-alive

appsha-pnd.ctengine.io/static/notification.js?v=1724924326288

109.109.136.213

200 OK

92 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/notification.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
92 kB (92515 bytes)
Hash
4fa22ba7a3338c790fcbebc80077cefc
c8edfcfb4d3f9631e11ff0d76909e594db88ec2d
66bf2017d26eee66ccdebb28b35f49dfeee6a24feb03733fbc72de15f149a9df

HTTP Headers

GET /static/notification.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:05 GMT
last-modified: Tue, 08 Oct 2024 18:08:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=5d7573d67191f489767476aa551e9701; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/notification.js?v=1724924326288

109.109.136.213

200 OK

7.7 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/notification.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
7.7 kB (7678 bytes)
Hash
f4e40f96822e9109a97e28c8bddc9e06
96522f702368e09dfb73aa1a1fdae8b6b15d9b39
5baa5158d8e0914c610f635df7887baeff89b9890dc90cab3565b9b1156449e9

HTTP Headers

GET /static/notification.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:06 GMT
last-modified: Tue, 08 Oct 2024 18:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=5d7573d67191f489767476aa551e9701; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

apps-pnd.ctengine.io/tmp

109.109.137.73

200 OK

0 B

URL POST HTTP/2
apps-pnd.ctengine.io/tmp
IP
109.109.137.73:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ct-remote-token
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
access-control-allow-origin: https://dgbmining.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
access-control-max-age: 1728000
set-cookie: route=fa645bd5d2aa41acee2d8dad99465bc0; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288

109.109.136.213

200 OK

3.8 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/inpage.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (31064), with no line terminators
Size
3.8 kB (3824 bytes)
Hash
bb72e129d9a2235a2764076efdf9ce98
001a9c8ee635030f5e53144e432fffb4ad5f334c
fada96d99565f27c0749dcfba771f2eb552bc0f76e98b2b88153a8bbe548cb8b

HTTP Headers

GET /static/inpage.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:06 GMT
last-modified: Tue, 08 Oct 2024 18:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=5d7573d67191f489767476aa551e9701; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

apps-pnd.ctengine.io/tmp

109.109.137.73

200 OK

0 B

URL POST HTTP/2
apps-pnd.ctengine.io/tmp
IP
109.109.137.73:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ct-remote-token
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
access-control-allow-origin: https://dgbmining.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
access-control-max-age: 1728000
set-cookie: route=5277de26dd3589b95f7eedb4690a8b63; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

reminderasking.com/pixel/purst?dl=0&th=0&sc=0&rs=5766&rd=5766&fd=1729&bv=24.8.8180&tmpl=136

192.243.59.12

0 B

URL
reminderasking.com/pixel/purst?dl=0&th=0&sc=0&rs=5766&rd=5766&fd=1729&bv=24.8.8180&tmpl=136
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=5766&rd=5766&fd=1729&bv=24.8.8180&tmpl=136 HTTP/1.1
Host: reminderasking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 08 Oct 2024 18:08:06 GMT
Content-Length: 0
Connection: keep-alive
Host: reminderasking.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

apps-pnd.ctengine.io/tmp

109.109.137.73

200 OK

0 B

URL POST HTTP/2
apps-pnd.ctengine.io/tmp
IP
109.109.137.73:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,ct-remote-token
Referer: https://coinads.online/
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
access-control-allow-origin: https://coinads.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
access-control-max-age: 1728000
set-cookie: route=fe73f4146db16e97451525be03bece61; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

apps-pnd.ctengine.io/tmp

109.109.137.73

200 OK

87 B

URL POST HTTP/2
apps-pnd.ctengine.io/tmp
IP
109.109.137.73:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
87 B (87 bytes)
Hash
6eaea4b749943ab3518324dd0c1192f7
8808df4db420897c969685d8e86716c1a2f0c0a9
3b434bd65cd1b03860a87f0d5039d672e96d3071c6fd16b86715a85081fdc476

HTTP Headers

POST /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
CT-Remote-Token: 3b12e3d4-6c4b-42c3-87ac-7569f78a5b95
Content-Length: 107
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: https://dgbmining.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
set-cookie: ctuid=3b12e3d4-6c4b-42c3-87ac-7569f78a5b95; expires=Thu, 07 Nov 2024 18:08:06 GMT; Max-Age=2592000; path=/; domain=.ctengine.io; secure; HttpOnly; SameSite=None
route=52628d0796470f89c39ef46a0d877c4a; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.249

504 B

URL
r10.o.lencr.org/
IP
23.36.76.249:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fcb808f6ddb5e3478ec0c88a401dd7fd
42f07a2c6ec29432c32caa6ca7125710748fd413
5265833d1553161b86d5575b2e3e0d1f56512029056d28b64a27edc254844d80

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5265833D1553161B86D5575B2E3E0D1F56512029056D28B64A27EDC254844D80"
Last-Modified: Tue, 08 Oct 2024 04:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14515
Expires: Tue, 08 Oct 2024 22:10:02 GMT
Date: Tue, 08 Oct 2024 18:08:07 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=ed4ae9df-04cd-4001-bc81-6ea76d7dc072&eb=45a089584ad8b09819d75dc6bb9c1bdf&te=7b9c6871c64c0dd6bcb9b452885243b8&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=fe727359840530d985e4d848e123fd54&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.12

1 B

URL
unseenreport.com/pxf.gif?uuid=ed4ae9df-04cd-4001-bc81-6ea76d7dc072&eb=45a089584ad8b09819d75dc6bb9c1bdf&te=7b9c6871c64c0dd6bcb9b452885243b8&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=fe727359840530d985e4d848e123fd54&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ed4ae9df-04cd-4001-bc81-6ea76d7dc072&eb=45a089584ad8b09819d75dc6bb9c1bdf&te=7b9c6871c64c0dd6bcb9b452885243b8&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=fe727359840530d985e4d848e123fd54&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 08 Oct 2024 18:08:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 05acb9a216e5c2850ba4dad79af4deef
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.59.12

1 B

URL
unseenreport.com/pxf.gif?uuid=ed4ae9df-04cd-4001-bc81-6ea76d7dc072&eb=45a089584ad8b09819d75dc6bb9c1bdf&te=7b9c6871c64c0dd6bcb9b452885243b8&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=fe727359840530d985e4d848e123fd54&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ed4ae9df-04cd-4001-bc81-6ea76d7dc072&eb=45a089584ad8b09819d75dc6bb9c1bdf&te=7b9c6871c64c0dd6bcb9b452885243b8&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=1&pk=fe727359840530d985e4d848e123fd54&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 08 Oct 2024 18:08:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 98ad97f34dd568192b25ed4de286f5ce
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

lokilokitwo.de:10006/

89.58.15.35

0 B

URL
lokilokitwo.de:10006/
IP
89.58.15.35:0
ASN
#197540 netcup GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: lokilokitwo.de:10006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://e-earnings.odoo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f8l2ZZfFGNQFuqAbVUajMw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: RxNSthVna2FWIX86m9nONU4Db4o=

diclotrans.com/impr/ii/as/Ch4xNzc2MTA3Mjk4LTM0NzA1LTE3Mjg0MTA4ODMxNTEQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIgEhNlLWVhcm5pbmdzLm9kb28uY29tKglESVJFQ1RfMjA6Bwiq-o6r0wJCAkVOYgwKCggMEAkaBAX14QBqJwolCgVJTUFHRRIcc3M6N2VlZDg3OTQwYjAyMTcxYi0yODgwNjg0OHrAAQoECJGPAhIRCg8IGBAUGgkFXeanebusAAAapAEKFgj___________8BEP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGncKBAiQjwISEQoPCBgQFRoJBWvHXi1jEAAAGlwKBwifFRDcunoSEQoPCBgQFRoJBWvHXi1jEAAAGj4KCwj___________8BEhEKDwgYEBUaCQVrx14tYxAAABocCgcI8R8Q3Lp6EhEKDwgYEBUaCQVrx14tYxAAAJABZaIBDElOVEVSU1RJVElBTKoBAzIxOLABAcIBAMoBANIBA1dFQtoBBDI2OTc/au/1776107298-34705-1728410883151?ori=59x

172.67.139.102

302 Found

0 B

URL GET HTTP/2
diclotrans.com/impr/ii/as/Ch4xNzc2MTA3Mjk4LTM0NzA1LTE3Mjg0MTA4ODMxNTEQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIgEhNlLWVhcm5pbmdzLm9kb28uY29tKglESVJFQ1RfMjA6Bwiq-o6r0wJCAkVOYgwKCggMEAkaBAX14QBqJwolCgVJTUFHRRIcc3M6N2VlZDg3OTQwYjAyMTcxYi0yODgwNjg0OHrAAQoECJGPAhIRCg8IGBAUGgkFXeanebusAAAapAEKFgj___________8BEP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGncKBAiQjwISEQoPCBgQFRoJBWvHXi1jEAAAGlwKBwifFRDcunoSEQoPCBgQFRoJBWvHXi1jEAAAGj4KCwj___________8BEhEKDwgYEBUaCQVrx14tYxAAABocCgcI8R8Q3Lp6EhEKDwgYEBUaCQVrx14tYxAAAJABZaIBDElOVEVSU1RJVElBTKoBAzIxOLABAcIBAMoBANIBA1dFQtoBBDI2OTc/au/1776107298-34705-1728410883151?ori=59x
IP
172.67.139.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impr/ii/as/Ch4xNzc2MTA3Mjk4LTM0NzA1LTE3Mjg0MTA4ODMxNTEQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIgEhNlLWVhcm5pbmdzLm9kb28uY29tKglESVJFQ1RfMjA6Bwiq-o6r0wJCAkVOYgwKCggMEAkaBAX14QBqJwolCgVJTUFHRRIcc3M6N2VlZDg3OTQwYjAyMTcxYi0yODgwNjg0OHrAAQoECJGPAhIRCg8IGBAUGgkFXeanebusAAAapAEKFgj___________8BEP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGncKBAiQjwISEQoPCBgQFRoJBWvHXi1jEAAAGlwKBwifFRDcunoSEQoPCBgQFRoJBWvHXi1jEAAAGj4KCwj___________8BEhEKDwgYEBUaCQVrx14tYxAAABocCgcI8R8Q3Lp6EhEKDwgYEBUaCQVrx14tYxAAAJABZaIBDElOVEVSU1RJVElBTKoBAzIxOLABAcIBAMoBANIBA1dFQtoBBDI2OTc/au/1776107298-34705-1728410883151?ori=59x HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 08 Oct 2024 18:08:16 GMT
content-length: 0
location: https://img.diclotrans.com/img/690/63077665915c5.png
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gk5CawQvNCfm0R0S%2FQ1UcBFpvLYFzgYaToZ3%2BbAK54S563WxJ80P%2BcTZ5sr0PTzFl8vAnrrVHBsXqbOmTIpRN8Eo4JWJKrBn2EV1WsJA838URf4EuMsZpKS4kkNVxlXx6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf81344cb2a1c0a-OSL
X-Firefox-Spdy: h2

appsha-pnd.ctengine.io/static/slide.js?v=1724924326288

109.109.136.213

200 OK

63 kB

URL GET HTTP/2
appsha-pnd.ctengine.io/static/slide.js?v=1724924326288
IP
109.109.136.213:443
ASN
#205072 Layershift Limited

Requested by
https://coinads.online/allads.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
63 kB (62898 bytes)
Hash
b778458a114dc5da88af17f51153feda
33b0a2e8307ae249078675e5a22763989ee66eee
7aa2cfdfcf1c4186d59d70711897484902cb5b5342d2b882c7e9d41ba816697e

HTTP Headers

GET /static/slide.js?v=1724924326288 HTTP/1.1
Host: appsha-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Oct 2024 18:23:06 GMT
last-modified: Tue, 08 Oct 2024 18:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0
set-cookie: route=71cbf250b7617ec404819c2494290103; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

diclotrans.com/impr/is/as/CM-oxOqmMhIeMTc3NjEwNzI5OC0zNDcwNS0xNzI4NDEwODgzMTUxGk0KBAiRjwISRQoWCP___________wEQ____________ARIrCgQIkI8CEiMKBwifFRDcunoSGAoLCP___________wESCQoHCPEfENy6eiocc3M6OGQ0YmU3NjczNjAxYTZkNC0yODgwNjg0ODIDV0VC/au/1776107298-34705-1728410883151?ori=59x

172.67.139.102

0 B

URL
diclotrans.com/impr/is/as/CM-oxOqmMhIeMTc3NjEwNzI5OC0zNDcwNS0xNzI4NDEwODgzMTUxGk0KBAiRjwISRQoWCP___________wEQ____________ARIrCgQIkI8CEiMKBwifFRDcunoSGAoLCP___________wESCQoHCPEfENy6eiocc3M6OGQ0YmU3NjczNjAxYTZkNC0yODgwNjg0ODIDV0VC/au/1776107298-34705-1728410883151?ori=59x
IP
172.67.139.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impr/is/as/CM-oxOqmMhIeMTc3NjEwNzI5OC0zNDcwNS0xNzI4NDEwODgzMTUxGk0KBAiRjwISRQoWCP___________wEQ____________ARIrCgQIkI8CEiMKBwifFRDcunoSGAoLCP___________wESCQoHCPEfENy6eiocc3M6OGQ0YmU3NjczNjAxYTZkNC0yODgwNjg0ODIDV0VC/au/1776107298-34705-1728410883151?ori=59x HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
Origin: https://e-earnings.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 08 Oct 2024 18:08:17 GMT
content-length: 0
location: https://img.diclotrans.com/img/690/63077665c2a74.png
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tvVV3o5IGnUxsAOisn7PTvXZPrzRnyy5ejjqYcXmkdISIpvR18%2BftQuCYBxv8nmmEtGdf4aZe1oWm%2FXdiFrl67xtLkBY0QEnvdtYb7KYTvEImhlmcs%2FdQFhIqxgq2IuSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf8134e9c2c1c0a-OSL
X-Firefox-Spdy: h2

img.diclotrans.com/img/690/63077665c2a74.png

104.21.54.145

1.8 MB

URL
img.diclotrans.com/img/690/63077665c2a74.png
IP
104.21.54.145:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1600 x 900, 8-bit/color RGB, non-interlaced
Size
1.8 MB (1841144 bytes)
Hash
0ce0b3f695315fbb54751af3afe0013c
259694cdfddd2a2451cda97c7d6635fa516a3af1
b88c2a598aa9e4063dbcca612d5e640bb52bb369728030a981613b9065022419

HTTP Headers

GET /img/690/63077665c2a74.png HTTP/1.1
Host: img.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:18 GMT
content-type: image/png
content-length: 1841144
access-control-allow-credentials: true
access-control-expose-headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
content-security-policy: block-all-mixed-content
etag: "0ce0b3f695315fbb54751af3afe0013c"
last-modified: Mon, 24 Oct 2022 13:21:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-bucket-region: us-east-1
x-amz-replication-status: COMPLETED
x-amz-request-id: 17D8CCC192F89C26
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: null
x-server: minio
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5y9HPIB0WrFPpvkSAURs7tc%2BrcHHbBvvuRmEBqiDth82gGX8qfRmpsoJNzLdBFDZepHh2anTeFmOgKzcFpz6jBCWR4Ziz1QuFr2Rt%2B1TChAGqp%2Bmkn1UO7Tfa6GxcCPzcN77ckc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8cf81351bece0b69-OSL
X-Firefox-Spdy: h2

diclotrans.com/pick?id=35412&auth=52c375436298b74bf11728452e722c8d4a5066d3&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410889645&h=&i=1728410889645&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

688 B

URL
diclotrans.com/pick?id=35412&auth=52c375436298b74bf11728452e722c8d4a5066d3&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410889645&h=&i=1728410889645&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
688 B (688 bytes)
Hash
e0265ff152d241fa9dbc3b62309726d2
787a0b03dd831dbc6dda8e109b243bc9e9c6d768
e81c8096237dd63fa28bbb1dbdd5bea83b9859d0d10273828eb438ebb9b02933

HTTP Headers

GET /pick?id=35412&auth=52c375436298b74bf11728452e722c8d4a5066d3&a=1&b=0&c=true&d=true&e=2&f=false&g=1728410889645&h=&i=1728410889645&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:20 GMT
content-type: application/json;charset=utf-8
content-length: 688
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CGYEYC5JtoQ8VpLtFuErZXEaee6ws1DO5VVzhW6qzclV4mfQedR%2BLPTy4w6tQ3T60VSf6mlr%2BQupta2%2FqyMqc4z3rRCHpT5GH0yPGgQDu%2FkLJ70ChzqjZsPYBhSsBs6NBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf8135e0a551c0a-OSL
X-Firefox-Spdy: h2

diclotrans.com/pick?id=35406&auth=3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032&iid=BANNER-35405&bw=728&bh=90&pid=PUB-9035&rid=REQ-35405&sid=SITE-35405&a=1&b=undefined&c=true&d=true&e=4&f=false&g=1728410898889&h=&i=1728410898889&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

0 B

URL
diclotrans.com/pick?id=35406&auth=3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032&iid=BANNER-35405&bw=728&bh=90&pid=PUB-9035&rid=REQ-35405&sid=SITE-35405&a=1&b=undefined&c=true&d=true&e=4&f=false&g=1728410898889&h=&i=1728410898889&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=35406&auth=3af8ee8afd26cb71de8bb4a3e6c31ef2aaa16032&iid=BANNER-35405&bw=728&bh=90&pid=PUB-9035&rid=REQ-35405&sid=SITE-35405&a=1&b=undefined&c=true&d=true&e=4&f=false&g=1728410898889&h=&i=1728410898889&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:22 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEA6glAZ0iSd0gU9I4UGifzER7D1%2FaJhFkTFt5qHs8B%2FvYcB4udEvR6DiOjR%2Fcp%2F8tekHRG5dII%2BZJBLitz9t9hEHDHMNu9dDmTm%2FX%2FC%2B%2FHCa1XfeHuYgEPa5k8LpCgOrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf8136ebed71c0a-OSL
X-Firefox-Spdy: h2

piclinks.in/DLsecondary?id=434911

188.114.97.1

200 OK

15 kB

URL GET HTTP/2
piclinks.in/DLsecondary?id=434911
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectpiclinks.in
FingerprintEB:9D:90:E3:2D:7A:17:8B:2D:AF:76:50:35:D9:3A:F9:41:6B:62:26
ValiditySun, 08 Sep 2024 13:34:34 GMT - Sat, 07 Dec 2024 13:34:33 GMT

File type
data
Size
15 kB (14669 bytes)
Hash
e2d52b1f630153e937a7664d8628226f
acf5766b33b2f357fdb6ba00287ee469e5f69459
b1fb68db6339e1cea07d9076b31c44cbfee1881ca29f6279ec29a93a96f6402c

HTTP Headers

GET /DLsecondary?id=434911 HTTP/1.1
Host: piclinks.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://piclinks.in/directlink?id=434911
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=i3avh316ccq4a6stngi52phdgj; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1hu4iWuGJhlI032djBg1eys4pgSlSEAc31xCcD4bXaaXR%2BT6ZglkyzgJmv5h%2B1ZmF2H%2FyTS%2FGJFq%2BhNHRTu%2BLh6h1XR0tUI1WMfC%2FVrPdc6r%2Fi1E03DFsrQT5fpRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf813285cc9d9d8-FRA
content-encoding: br
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

142.250.147.191

200 OK

7.8 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Oct 2024 13:49:51 GMT
expires: Mon, 06 Oct 2025 13:49:51 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 05 Oct 2024 22:49:31 GMT
content-type: text/css
vary: Accept-Encoding
age: 188312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sofiahalbofanimeworld.blogspot.com/js/cookienotice.js

216.58.207.193

2.0 kB

URL
sofiahalbofanimeworld.blogspot.com/js/cookienotice.js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 18:07:56 GMT
expires: Tue, 15 Oct 2024 18:07:56 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 27
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js

142.250.147.191

6.7 kB

URL
www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (2168)
Size
6.7 kB (6748 bytes)
Hash
8690028a2d583da1be43200c873f4aca
832d7d2341b244672eff2a3b6d4319ba0f569ddb
6a0af73d8aca10ba21b96c1a708c2effd53397bcb7797092280089818d640cb3

HTTP Headers

GET /static/v1/jsbin/1466990918-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 18:49:05 GMT
expires: Sun, 05 Oct 2025 18:49:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Oct 2024 20:57:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 256758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/platform.js

142.250.74.110

24 kB

URL
apis.google.com/js/platform.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
24 kB (24114 bytes)
Hash
50047d1ce3a78337b656b202c5c15bc2
2dc8fa917230eff7e1ef9a6863129e311ed81811
40c902b93901973c7f42e026b5c79b99ce6d71e5db1d48aa5d67a9e46c0bfd70

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24114
date: Tue, 08 Oct 2024 18:08:23 GMT
expires: Tue, 08 Oct 2024 18:08:23 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "45dfd97a5df6ac68"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109

216.58.207.226

200 OK

53 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109
IP
216.58.207.226:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (4006)
Size
53 kB (52824 bytes)
Hash
ed3c3993f6a9c3f49a5da834b9facc0c
3cff8aca0d5c78e74cec63db19c13e97ce8ccea9
d508956e392166df808e822b939a9961942657547e9dce4a6785cd9aba2d93f5

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sofiahalbofanimeworld.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:23 GMT
expires: Tue, 08 Oct 2024 18:08:23 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6631647249405507766
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/static/v1/widgets/3650705295-widgets.js

142.250.147.191

51 kB

URL
www.blogger.com/static/v1/widgets/3650705295-widgets.js
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (4279)
Size
51 kB (51416 bytes)
Hash
a07ab2548bced4c8b1431455cdd020cd
8ad54e7e2ba4de4d1e7afaca52306c0a81ae40ac
b7f75b19ecc538a84719f23ac5693033d53ab02ce0c097d6b4d12b5e920a592e

HTTP Headers

GET /static/v1/widgets/3650705295-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 03:28:22 GMT
expires: Tue, 07 Oct 2025 03:28:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 00:56:47 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 139201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/js/google_top_exp.js

216.58.207.226

200 OK

42 B

URL GET HTTP/3
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
216.58.207.226:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
ASCII text
Size
42 B (42 bytes)
Hash
7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Tue, 08 Oct 2024 04:52:43 GMT
expires: Tue, 22 Oct 2024 04:52:43 GMT
cache-control: public, max-age=1209600
age: 47740
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ad.a-ads.com/1110727?size=728x90

116.202.214.170

200 OK

5.7 kB

URL GET HTTP/2
ad.a-ads.com/1110727?size=728x90
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad2bitcoin.com/ad.php?ref=sofiahalbof&width=300
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
5.7 kB (5699 bytes)
Hash
3ff40c4cf3fa9ca3a54c539147e9b53e
521d0d5381f23aa6ff1bd06f3c6a0ad655840843
b9be81198802fc729c95513083ee32e66d64fd12dfd34ae7724ff55d3ce36585

HTTP Headers

GET /1110727?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad2bitcoin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://ad2bitcoin.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

resources.blogblog.com/img/icon18_edit_allbkg.gif

142.250.147.191

162 B

URL
resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:54:14 GMT
expires: Mon, 14 Oct 2024 00:54:14 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 16:50:46 GMT
content-type: image/gif
age: 148449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

63 kB

URL GET HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.apis.google.com
Fingerprint48:CD:F5:D1:F3:78:A1:83:0F:BC:5E:CA:CA:2A:0A:CB:D2:70:8D:83
ValidityMon, 16 Sep 2024 09:36:21 GMT - Mon, 09 Dec 2024 09:36:20 GMT

File type
JavaScript source, ASCII text, with very long lines (1885)
Size
63 kB (62924 bytes)
Hash
40ce8d1c9624826c3de087c8478ab7c1
646063e4267ae4385bedb0639f8bc6dd8b71c236
4966fc59206429f3408775b228c28beb1d80818fdddad27cc678ac34c01e5ab0

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 62924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 21:38:11 GMT
expires: Tue, 07 Oct 2025 21:38:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 73812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/blogger_logo_round_35.png

142.250.147.191

200 OK

2.5 kB

URL GET HTTP/2
www.blogger.com/img/blogger_logo_round_35.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2531 bytes)
Hash
838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

HTTP Headers

GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 06:32:19 GMT
expires: Mon, 14 Oct 2024 06:32:19 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 04:51:09 GMT
content-type: image/png
age: 128164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png

142.250.147.191

200 OK

144 B

URL GET HTTP/3
resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 1 x 590, 8-bit/color RGBA, non-interlaced
Size
144 B (144 bytes)
Hash
4ba06844286b94adfc8ad7bc8a8fde94
9e1fa0c37abf7c05300b90f8938dd2458409a35e
909a47a95386ffd0420ff44c0f1278a3259b918b1bc8213afa97ad6a4bb5bb58

HTTP Headers

GET /blogblog/data/1kt/ethereal/white-fade.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:59:24 GMT
expires: Mon, 14 Oct 2024 00:59:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 00:56:47 GMT
content-type: image/png
age: 148139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/share_buttons_20_3.png

142.250.147.191

5.1 kB

URL
www.blogger.com/img/share_buttons_20_3.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
Size
5.1 kB (5080 bytes)
Hash
ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

HTTP Headers

GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Oct 2024 04:04:42 GMT
expires: Wed, 09 Oct 2024 04:04:42 GMT
cache-control: public, max-age=604800
last-modified: Wed, 02 Oct 2024 02:57:38 GMT
content-type: image/png
age: 569021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3

142.250.74.97

43 kB

URL
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 1515 x 971, 8-bit/color RGBA, non-interlaced
Size
43 kB (42869 bytes)
Hash
05d2738b4dc90530c7cfab2ec6a780bd
f156f3f4d6b41803bcb8704a01e38623098f09af
919e34ec42b0b8a6f9754b9e33f9faba1c20a79bc151cc03009fc0e2bb17a922

HTTP Headers

GET /image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 09 Oct 2024 18:08:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:23 GMT
server: fife
content-length: 42869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/logo-16.png

142.250.147.191

279 B

URL
www.blogger.com/img/logo-16.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
279 B (279 bytes)
Hash
5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

HTTP Headers

GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 21:34:18 GMT
expires: Sat, 12 Oct 2024 21:34:18 GMT
cache-control: public, max-age=604800
last-modified: Sat, 05 Oct 2024 19:51:45 GMT
content-type: image/png
age: 246845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com

216.58.207.226

140 kB

URL
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (2868)
Size
140 kB (139507 bytes)
Hash
97ce159644306e6e870b4bc13d7308cb
33e21e8f3a6a44169d3c0c0b9edfb4d75db6f934
92af73573df1feda56905c8d993a32aebb8c1b0ba86f3aed3879b48f8bdbd021

HTTP Headers

GET /pagead/managed/js/adsense/m202410030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:23 GMT
expires: Tue, 08 Oct 2024 18:08:23 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15614900263851016558
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 139507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.97

24 kB

URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (23620 bytes)
Hash
0486a0e5405a90fc0528d411f15bacfb
f9bfa4be241b5dcb1d08521f2e450e6b5d60c267
047cafbd80a22fe50f919e0be95c387e2bfb3dab555eeeb1b0b3c59157b61687

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Wed, 09 Oct 2024 18:08:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).webp"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:23 GMT
server: fife
content-length: 23620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.97

200 OK

25 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 500x504, components 3
Size
25 kB (24947 bytes)
Hash
4112a2265f97c15c59d8c48c0d07e556
0ee3839d780347edf08fd5f4a52388dd46bc3ad2
74477a6ab562eaaf23b770ae8a9bb469444d9e2a09fe75a229c163593e2ad518

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Wed, 09 Oct 2024 18:08:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).jpg"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:24 GMT
server: fife
content-length: 24947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/am=BgwGGAM/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0L_H72BQp-497kFRQpC-kO9F0vgg/m=_b,_tp

142.250.147.191

67 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/am=BgwGGAM/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0L_H72BQp-497kFRQpC-kO9F0vgg/m=_b,_tp
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (1779)
Size
67 kB (67268 bytes)
Hash
67e8fef75d42a3eab9697fcdf11d629a
84bf01f687e911fc27e30958d167d26c4d324045
cc21a6f936a57834856ece7687b69877708d4d58e7530aa824415ac494f6c65e

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/am=BgwGGAM/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0L_H72BQp-497kFRQpC-kO9F0vgg/m=_b,_tp HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 67268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 03:42:19 GMT
expires: Tue, 07 Oct 2025 03:42:19 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 04 Oct 2024 23:08:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 138365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 14:48:26 GMT
expires: Sun, 05 Oct 2025 14:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.97

200 OK

19 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
PNG image data, 627 x 348, 8-bit/color RGB, non-interlaced
Size
19 kB (19422 bytes)
Hash
08b8c241415eb845471a6cdc24e86d3d
4a67fd9185985c5eb0f690a81e4723e9fd10991e
e20d7cd5eded37c6539062e9a67b2674b0c52f8149c9880c8ea6ca366fe7df00

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v358"
expires: Wed, 09 Oct 2024 18:08:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_p9sx9t6ITy1tji7wmo1_640.png"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:24 GMT
server: fife
content-length: 19422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/html/r20241003/r20190131/zrt_lookup_fy2021.html

216.58.207.226

4.1 kB

URL
pagead2.googlesyndication.com/pagead/html/r20241003/r20190131/zrt_lookup_fy2021.html
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
HTML document, ASCII text, with very long lines (2873)
Size
4.1 kB (4121 bytes)
Hash
0a69a7a3530de318072de6182e31a0c6
9bf1165a0064fb85dd8f29ddc6c45ad5b9574ee9
bf1e2557855835794a8a1d9c1403ac53373ccea3006325357e5cb384e93d7514

HTTP Headers

GET /pagead/html/r20241003/r20190131/zrt_lookup_fy2021.html HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4121
x-xss-protection: 0
date: Tue, 08 Oct 2024 02:20:42 GMT
expires: Tue, 22 Oct 2024 02:20:42 GMT
cache-control: public, max-age=1209600
age: 56862
etag: 13108003645644964576
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/comment/frame/3405693820859981231?po=4364866522047349775&hl=en&saa=73852&blogspotRpcToken=1720003

142.250.147.191

16 kB

URL
www.blogger.com/comment/frame/3405693820859981231?po=4364866522047349775&hl=en&saa=73852&blogspotRpcToken=1720003
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (41166)
Size
16 kB (15542 bytes)
Hash
6ed93065ff3546f75ac064a9369ebe5a
bccb7b91490f5562e1893bbba7a4f3a7c65ff89f
ba23d1b6f89539a5e332d91774b8dbef7c64cb177aede309090959caaeefab23

HTTP Headers

GET /comment/frame/3405693820859981231?po=4364866522047349775&hl=en&saa=73852&blogspotRpcToken=1720003 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-fw8BHMrG3eSDitxEtbGW_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
reporting-endpoints: default="/_/BloggerCommentUi/web-reports?context=eJzjqtHikmLw1JBiqHXfyVR6ZSfTHY1dTK-AOLJ0F1M6EDu9uskk03uL6fGUW0zP258xfQNiia8vmTSA2Cl9BmsQELfePMc6FYhtb51nTfp3nrUIiH94XGRl87zIaqhwidURiFV7LrGaAnFqzmXWIokrrE1ALMTDMf3V1B1sAhsm3ZnFrKSUlF8Yn5STn56eWlSaWZxaVJZaFG9kYGRiaGBgrmdgEF9gAAAYlUZV"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=518=ORIVuW0GRQVTfdd7I4oP_Nc48mKwzW-4wmn__WPqg0Hcbf-qDRk07zCrYJdpfP_oCQEMCbtOPOyXANA_3h1DqzibC4hhLu-QMLr6DduV7SdSQs0M9PUrI_84M9LjiJQ2f8Gf2UPTr0GxaYV3lUSAEIxOqvFiRwuOslR3qALsWXVZWFav42d1399JfN-YM7QqAM_y; expires=Wed, 09-Apr-2025 18:08:23 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/anon36.png

142.250.147.191

1.7 kB

URL
resources.blogblog.com/img/anon36.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced
Size
1.7 kB (1654 bytes)
Hash
106b75877485647b4b5618523f541732
c19e26c01d2972a4c895c3688c735158785620c7
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22

HTTP Headers

GET /img/anon36.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:19:24 GMT
expires: Tue, 15 Oct 2024 11:19:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: image/png
age: 24540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&dt=1728410903704&bpp=14&bdt=304&idt=332&shv=r20241003&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4804649616224&frm=20&pv=2&u_tz=0&u_his=5&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95343454%2C95344187&oid=2&pvsid=2870909833233833&tmod=1441329002&nvt=1&fsapi=1&ref=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F06%2Fhttpsnftgoddess.html&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=385

216.58.207.226

46 B

URL
pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&dt=1728410903704&bpp=14&bdt=304&idt=332&shv=r20241003&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4804649616224&frm=20&pv=2&u_tz=0&u_his=5&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95343454%2C95344187&oid=2&pvsid=2870909833233833&tmod=1441329002&nvt=1&fsapi=1&ref=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F06%2Fhttpsnftgoddess.html&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=385
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
HTML document, ASCII text, with very long lines (603), with no line terminators
Size
46 B (46 bytes)
Hash
2c739853e3edfa26869416e3d4e5d369
c263dc1c36c954b252bc7e775e6e82865d9b29b8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

HTTP Headers

GET /pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&dt=1728410903704&bpp=14&bdt=304&idt=332&shv=r20241003&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4804649616224&frm=20&pv=2&u_tz=0&u_his=5&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95343454%2C95344187&oid=2&pvsid=2870909833233833&tmod=1441329002&nvt=1&fsapi=1&ref=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F06%2Fhttpsnftgoddess.html&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=385 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Oct 2024 18:08:24 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5

142.250.147.191

21 B

URL
www.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:24 GMT
last-modified: Tue, 08 Oct 2024 18:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe

142.250.147.191

130 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (2219)
Size
130 kB (129507 bytes)
Hash
abe09aeffcf01f2631b6663591ab3b28
f7791303532af00464a074758449bbff5be4eb53
cdd24451db473d2a73808efd9fea0aa0561c1a3563bd1677e4f18e90e2ae91e1

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 129507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 12:34:46 GMT
expires: Tue, 07 Oct 2025 12:34:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 106418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x

142.250.147.191

154 B

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text
Size
154 B (154 bytes)
Hash
0212f84f9b3c279098932d83a43b6448
22ef0e934187e4a4bb70bce5a59e7eed3e45e82b
9dffee8e9e10ba5883b18f8f0803e06bcdd3751909cd3a2ad48195a33a4132c9

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 13:11:35 GMT
expires: Tue, 07 Oct 2025 13:11:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 104209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=4364866522047349775&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html&vt=2925421536678128828&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__

142.250.147.191

2.2 kB

URL
www.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=4364866522047349775&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html&vt=2925421536678128828&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1963)
Size
2.2 kB (2226 bytes)
Hash
7f654d42b1c35ecb5df1b41bf8d0fac7
6b0d77b187e369b0e733eb435dd5fc3264becb55
e7d5974ad148aa9b497ebdaa33b5eecafcaf252a508dc08d4b32486948e1df22

HTTP Headers

GET /navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=4364866522047349775&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html&vt=2925421536678128828&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2226
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

142.250.147.191

7.5 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (3521)
Size
7.5 kB (7484 bytes)
Hash
4ba1f1ddec2cdce9b396c3695fbd3488
78754afb3bc47c8a723da5b4dad40b6432f6a7b4
2cd2f67d39c8fb988af8513791f658e40194969918a188d18b30a64d81b736a5

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 7484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 13:21:26 GMT
expires: Tue, 07 Oct 2025 13:21:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc

142.250.147.191

749 B

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (742)
Size
749 B (749 bytes)
Hash
52927d24707f9ff25ea0bd775edf9a05
b46d348ed81fba6c2a6469ccece95ac4a858c3d2
0d2b44dd085cad795a3790a2267ba368af057815e389b6f04fe86ca6aac05fc2

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 749
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 06:12:03 GMT
expires: Wed, 08 Oct 2025 06:12:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 42981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png

142.250.74.97

327 kB

URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png
IP
142.250.74.97:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
RIFF (little-endian) data, Web/P image
Size
327 kB (327408 bytes)
Hash
ec594b2c5eb1f595e207b48d48619cfb
eae8ab412dd779cf3ca5e294d38ed271e2188a0b
bf257ae6a2d584b305ec3eb6ec6a64fc86636a0db7c4751e11ba3bea9cb604bb

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v566"
expires: Wed, 09 Oct 2024 18:08:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.webp"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:24 GMT
server: fife
content-length: 327408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrYCsoyj7mlP_5ylo6DufSU4akzQjLvXINwbrmXsVijd6zWJwNFD5dmJz4xBcwT8qszsuzcMyGOHNoOlJZWwBa2EvDuhkaJE_zsrI77a_NqviG6nEgjEp1BAwBAY3DNHrrPM-UHWyP9KI/w640-h360-rw/image.png

142.250.74.97

60 kB

URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrYCsoyj7mlP_5ylo6DufSU4akzQjLvXINwbrmXsVijd6zWJwNFD5dmJz4xBcwT8qszsuzcMyGOHNoOlJZWwBa2EvDuhkaJE_zsrI77a_NqviG6nEgjEp1BAwBAY3DNHrrPM-UHWyP9KI/w640-h360-rw/image.png
IP
142.250.74.97:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
RIFF (little-endian) data, Web/P image
Size
60 kB (60378 bytes)
Hash
8ce552621c26f23e41afd2d7e01d4d29
0354eb2ec2ffa5d7a3198a04222bc8d4dcb573c2
faa5d50bd591a0d7213681d8ad62f2834f1a0117e99a794e26dfefd324e27475

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhrYCsoyj7mlP_5ylo6DufSU4akzQjLvXINwbrmXsVijd6zWJwNFD5dmJz4xBcwT8qszsuzcMyGOHNoOlJZWwBa2EvDuhkaJE_zsrI77a_NqviG6nEgjEp1BAwBAY3DNHrrPM-UHWyP9KI/w640-h360-rw/image.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51e"
expires: Wed, 09 Oct 2024 18:08:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.webp"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:24 GMT
server: fife
content-length: 60378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/icons_peach.png

142.250.147.191

907 B

URL
resources.blogblog.com/img/navbar/icons_peach.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
PNG image data, 46 x 20, 8-bit colormap, non-interlaced
Size
907 B (907 bytes)
Hash
3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

HTTP Headers

GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 22:20:57 GMT
expires: Mon, 14 Oct 2024 22:20:57 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: image/png
age: 71247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu

142.250.74.68

800 B

URL
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression
Size
800 B (800 bytes)
Hash
bae03d96cd0ce7ab40a2fcfe4e2986a5
f4ebe673a96bec7646b37a322d6dcacb889f16a7
0bd069d48c850213e333233a51d23240b4d243b1b8d24518068de38a09b1271b

HTTP Headers

GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 08 Oct 2024 18:08:24 GMT
date: Tue, 08 Oct 2024 18:08:24 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/platform:gapi.iframes.style.common.js

142.250.74.110

200 OK

24 kB

URL GET HTTP/3
apis.google.com/js/platform:gapi.iframes.style.common.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
24 kB (24124 bytes)
Hash
da40ef4242aa882fd89c4a6f4a1f8e66
36d4566e044021ff8d28325590594d15d4d26e91
5633f53e7c8ec0475172ac35923206b7623f0e148531b0774b93444da2dd240f

HTTP Headers

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24124
date: Tue, 08 Oct 2024 18:08:24 GMT
expires: Tue, 08 Oct 2024 18:08:24 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "123c7ff8bc76c11b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

142.250.74.67

221 kB

URL
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (220951 bytes)
Hash
99210e7c2195de81c0eedf98787a69b3
7b26c66058385b60109aa6129c2161a399a6034d
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 12:18:26 GMT
expires: Wed, 08 Oct 2025 12:18:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sofiahalbofanimeworld.blogspot.com/favicon.ico

216.58.207.193

412 B

URL
sofiahalbofanimeworld.blogspot.com/favicon.ico
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
Size
412 B (412 bytes)
Hash
59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon
expires: Tue, 08 Oct 2024 18:08:24 GMT
date: Tue, 08 Oct 2024 18:08:24 GMT
cache-control: private, max-age=86400
last-modified: Tue, 08 Oct 2024 18:07:24 GMT
etag: W/"053b09a58fb3fa48da08a5add2d5956d42ed5fbca9339234368421f010ba6445"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

47 kB

URL GET HTTP/3
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JavaScript source, ASCII text, with very long lines (1885)
Size
47 kB (46988 bytes)
Hash
2f6e0ceb03cb60762a83e5514b7fbd9c
8d14964948829b0d84d8c950620829055ef71cf2
c115f3e4b408f5b326061bdfdf27973e7e65cc65788884931cacd25cf344d070

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 46988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 21:38:12 GMT
expires: Tue, 07 Oct 2025 21:38:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 73812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

diclotrans.com/impr/ii/as/Ch4xMjM3NDU2MDc2LTM1NDEyLTE3Mjg0MTA5MDAyMjYQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIgEhNkaWdpdGFsaHViLm9kb28uY29tKglESVJFQ1RfMjA6Bwiq-o6r0wJCAkVOYgwKCggMEAkaBAX14QBqJwolCgVJTUFHRRIcc3M6NDYyY2U4ZTg2ZmVhNWNhMS0yODgwNjg0OHrAAQoECNSUAhIRCg8IGBAUGgkFXeanebusAAAapAEKFgj___________8BEP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGncKBAjTlAISEQoPCBgQFRoJBWvHXi1jEAAAGlwKBwifFRCP9HsSEQoPCBgQFRoJBWvHXi1jEAAAGj4KCwj___________8BEhEKDwgYEBUaCQVrx14tYxAAABocCgcI8h8Qj_R7EhEKDwgYEBUaCQVrx14tYxAAAJABZaIBDElOVEVSU1RJVElBTKoBAzIxObABAcIBAMoBANIBA1dFQtoBAzc3OA/au/1237456076-35412-1728410900226?ori=72x

172.67.139.102

0 B

URL
diclotrans.com/impr/ii/as/Ch4xMjM3NDU2MDc2LTM1NDEyLTE3Mjg0MTA5MDAyMjYQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIgEhNkaWdpdGFsaHViLm9kb28uY29tKglESVJFQ1RfMjA6Bwiq-o6r0wJCAkVOYgwKCggMEAkaBAX14QBqJwolCgVJTUFHRRIcc3M6NDYyY2U4ZTg2ZmVhNWNhMS0yODgwNjg0OHrAAQoECNSUAhIRCg8IGBAUGgkFXeanebusAAAapAEKFgj___________8BEP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGncKBAjTlAISEQoPCBgQFRoJBWvHXi1jEAAAGlwKBwifFRCP9HsSEQoPCBgQFRoJBWvHXi1jEAAAGj4KCwj___________8BEhEKDwgYEBUaCQVrx14tYxAAABocCgcI8h8Qj_R7EhEKDwgYEBUaCQVrx14tYxAAAJABZaIBDElOVEVSU1RJVElBTKoBAzIxObABAcIBAMoBANIBA1dFQtoBAzc3OA/au/1237456076-35412-1728410900226?ori=72x
IP
172.67.139.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impr/ii/as/Ch4xMjM3NDU2MDc2LTM1NDEyLTE3Mjg0MTA5MDAyMjYQ5J7alLHNu5FKGgEBIOSe2pSxzbuRSioBATIgEhNkaWdpdGFsaHViLm9kb28uY29tKglESVJFQ1RfMjA6Bwiq-o6r0wJCAkVOYgwKCggMEAkaBAX14QBqJwolCgVJTUFHRRIcc3M6NDYyY2U4ZTg2ZmVhNWNhMS0yODgwNjg0OHrAAQoECNSUAhIRCg8IGBAUGgkFXeanebusAAAapAEKFgj___________8BEP___________wESEQoPCBgQFRoJBWvHXi1jEAAAGncKBAjTlAISEQoPCBgQFRoJBWvHXi1jEAAAGlwKBwifFRCP9HsSEQoPCBgQFRoJBWvHXi1jEAAAGj4KCwj___________8BEhEKDwgYEBUaCQVrx14tYxAAABocCgcI8h8Qj_R7EhEKDwgYEBUaCQVrx14tYxAAAJABZaIBDElOVEVSU1RJVElBTKoBAzIxObABAcIBAMoBANIBA1dFQtoBAzc3OA/au/1237456076-35412-1728410900226?ori=72x HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 08 Oct 2024 18:08:24 GMT
content-length: 0
location: https://img.diclotrans.com/img/690/63077727849e0.png
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S62Su79v%2FoK6SsKCAHf4A43TlOAi2Uu6X3dqleMciAF7GzIQJkSF%2BU9f%2FmV8PEpB6FwTNO0DLEWb7%2Fi%2F4wb9dnFpgq%2BUlRTxI4w6gwUjJctezw9JNdFDsqW5VkbM3Y8yZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf8137998101c0a-OSL
X-Firefox-Spdy: h2

diclotrans.com/pick?id=35408&auth=5a90270b37f6059276f68dc741cccfd327d09f66&a=1&b=0&c=true&d=true&e=4&f=false&g=1728410902220&h=&i=1728410902220&j=&k=&l=&m=&n=&err=0000000000000

172.67.139.102

0 B

URL
diclotrans.com/pick?id=35408&auth=5a90270b37f6059276f68dc741cccfd327d09f66&a=1&b=0&c=true&d=true&e=4&f=false&g=1728410902220&h=&i=1728410902220&j=&k=&l=&m=&n=&err=0000000000000
IP
172.67.139.102:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pick?id=35408&auth=5a90270b37f6059276f68dc741cccfd327d09f66&a=1&b=0&c=true&d=true&e=4&f=false&g=1728410902220&h=&i=1728410902220&j=&k=&l=&m=&n=&err=0000000000000 HTTP/1.1
Host: diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:08:24 GMT
content-type: application/json;charset=utf-8
access-control-allow-origin: *
referrer-policy: origin
vary: accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zHHxqYaQE5QC7xAuzlZ3%2BuTpBu7Fgha8UctP4kyec7LvyBbN1fRLT%2BUfm%2F057w%2Bsiz8jj4iK%2F6SCBRE0D6nsUKadkqXyvULD7U5AFHOaIbH12Y38KkMlc%2Fjk9wvTs1NVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf8137a589c1c0a-OSL
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=pwolzqhom1gl

142.250.74.68

72 kB

URL
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=pwolzqhom1gl
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (39893)
Size
72 kB (72412 bytes)
Hash
17f4b22aab40c835dee451c36a0d59b6
72e2c0d43427919fbb03e7afd126cb04bbdf4df4
ccc3ccab309631e683ada75891c591a9f8899efdbda757382883e0c3b4280ba0

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=pwolzqhom1gl HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:24 GMT
content-security-policy: script-src 'nonce-d7kXf57nS9t-Ja2KzSYBHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js

142.250.74.67

221 kB

URL
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
IP
142.250.74.67:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (220951 bytes)
Hash
99210e7c2195de81c0eedf98787a69b3
7b26c66058385b60109aa6129c2161a399a6034d
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302

HTTP Headers

GET /recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 220951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 12:18:26 GMT
expires: Wed, 08 Oct 2025 12:18:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 04:02:51 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.207.206

200 OK

0 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:25 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.207.206

200 OK

131 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 587
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 08 Oct 2024 18:08:25 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js

142.250.74.68

7.6 kB

URL
www.google.com/js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (18053)
Size
7.6 kB (7628 bytes)
Hash
61721b9fc4880c88e14e0251d0ffc033
27a8a3835b9f801e3d9302631d0db87d7c5cd4e6
4b36d33eb3e3d1164c877b0a91eec39b6475100390683d65ac524a0219c9d2d1

HTTP Headers

GET /js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=pwolzqhom1gl
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:41:04 GMT
expires: Wed, 08 Oct 2025 11:41:04 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Sep 2024 15:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 23241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

autofaucet.org/wm/Usmanja200/2

172.67.133.36

200 OK

2.5 kB

URL GET HTTP/2
autofaucet.org/wm/Usmanja200/2
IP
172.67.133.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectautofaucet.org
Fingerprint30:14:68:FC:2C:F5:A9:6C:C4:E1:22:CB:59:94:47:BE:9D:76:AD:8E
ValidityTue, 24 Sep 2024 11:44:05 GMT - Mon, 23 Dec 2024 11:44:04 GMT

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
2.5 kB (2505 bytes)
Hash
aeb6f9e05c1aa6cbae94fdf8e1ee3cd4
d27880e784cd18f42444e890bf252e4ad65473e8
b96662dc3617a1c213ded24db5098fe75cfc99c3134bc02958cb590f4049a980

HTTP Headers

GET /wm/Usmanja200/2 HTTP/1.1
Host: autofaucet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA, ECT, Width, Viewport-Width, Platform-Version, Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: d3GL63S44vVGAv3N5k9x826tAeWsH3thgoY4AKDpHGtdGSPk=4e215e38652aba0d25a07fe546ef3d7d; path=/
d3GL63S44vVGAv3N5k9x826tAeWcH3thgoY4AKDpHGtdGSPk=1a37621285e3016199ba898df49b4719; expires=Sun, 06-Apr-2025 18:08:00 GMT; Max-Age=15552000; path=/; secure; httponly; SameSite=Strict
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3D3oiLrvc2hq9VBXY45%2F7GEYjn8NXA9wNMHFapSy1F5YD5ohMhic5GjF8nxPV5%2FB070bUUO%2BZ39vI5fEaLxgVBfU8%2FxtxgwPSAqFsLsNSTB4OqPxp6tPE3TaX5UKd5NMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812dfddb3070e-LHR
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 14:48:26 GMT
expires: Sun, 05 Oct 2025 14:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:01:27 GMT
expires: Fri, 03 Oct 2025 11:01:27 GMT
cache-control: public, max-age=31536000
age: 457618
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/webworker.js?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca

142.250.74.68

221 kB

URL
www.google.com/recaptcha/api2/webworker.js?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (617)
Size
221 kB (221068 bytes)
Hash
082cca3a5ca26f0b08fee271954e6190
2bfa2fcfbcac690d287582042c4426ac3b00da3e
20d80c76912ff11a387e406cb17b8595e9d4aec1f5698b338541d6dbaf78b201

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=pwolzqhom1gl
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Tue, 08 Oct 2024 18:08:25 GMT
date: Tue, 08 Oct 2024 18:08:25 GMT
cache-control: private, max-age=300
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

142.250.147.191

1.6 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (948)
Size
1.6 kB (1565 bytes)
Hash
ced74b8e33264e74dac17d5e2bd9c2da
915c640ac2920748b6b8c0061ca4c6118f75abff
4db255b5377ee5636fdfe178a3373beb59eed50d174a1b3077e154652d99cf78

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 13:21:32 GMT
expires: Tue, 07 Oct 2025 13:21:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241003&st=env

216.58.207.226

13 kB

URL
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241003&st=env
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JSON text data
Size
13 kB (13112 bytes)
Hash
346bc5f1c0ddce2f62a8e4ed83011d59
ec621a15fc203e94785ce7cce4cdeb5247f81fb3
052cd8f3d02f8b3cbc47e7f2012a64f1511f55d256f6101f69be09873f08f0ab

HTTP Headers

GET /getconfig/sodar?sv=200&tid=gda&tv=r20241003&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sofiahalbofanimeworld.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Tue, 08 Oct 2024 18:08:25 GMT
server: cafe
content-length: 13112
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.surdotly.com/js/Surly.min.js

54.173.41.122

200 OK

1.7 kB

URL GET HTTP/2
cdn.surdotly.com/js/Surly.min.js
IP
54.173.41.122:443
ASN
#14618 AMAZON-AES

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerLet's Encrypt
Subjectcdn.surdotly.com
FingerprintBC:2D:3E:AC:D0:B7:72:18:57:A7:AF:0E:DA:2A:74:2C:D6:74:16:8F
ValidityFri, 13 Sep 2024 03:02:16 GMT - Thu, 12 Dec 2024 03:02:15 GMT

File type
gzip compressed data, from Unix
Size
1.7 kB (1709 bytes)
Hash
85bd1945c667f831de81d779b608eb11
dbe4e2ae89dba1201aa81da83a2905072ed4a1eb
98c2267fccfcf240c40c61a0a0bc03707acd80a9918da3c0728835c3f4520780

HTTP Headers

GET /js/Surly.min.js HTTP/1.1
Host: cdn.surdotly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 08 Oct 2024 18:08:23 GMT
content-type: application/javascript
last-modified: Mon, 13 Jun 2022 04:23:22 GMT
vary: Accept-Encoding
etag: W/"62a6bbba-b7a"
expires: Thu, 07 Nov 2024 18:08:23 GMT
cache-control: max-age=2592000
content-encoding: gzip
X-Firefox-Spdy: h2

sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html

216.58.207.193

15 kB

URL
sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8253)
Size
15 kB (14668 bytes)
Hash
0f55d370be848a14d0df0ebb7021d0b8
155bbec4d520ba582db82f7c0b953e05a9d0abf5
aa4f4a9fd499f49781c46ccaa2bc758217c15f5487627917435c1a1d9ba6d388

HTTP Headers

GET /2021/07/blog-post.html HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 08 Oct 2024 18:08:25 GMT
date: Tue, 08 Oct 2024 18:08:25 GMT
cache-control: private, max-age=0
last-modified: Tue, 08 Oct 2024 18:07:24 GMT
etag: W/"053b09a58fb3fa48da08a5add2d5956d42ed5fbca9339234368421f010ba6445"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sofiahalbofanimeworld.blogspot.com/js/cookienotice.js

216.58.207.193

2.0 kB

URL
sofiahalbofanimeworld.blogspot.com/js/cookienotice.js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 18:07:56 GMT
expires: Tue, 15 Oct 2024 18:07:56 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

142.250.147.191

200 OK

7.8 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
ASCII text, with very long lines (35959)
Size
7.8 kB (7756 bytes)
Hash
1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

HTTP Headers

GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Oct 2024 13:49:51 GMT
expires: Mon, 06 Oct 2025 13:49:51 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 05 Oct 2024 22:49:31 GMT
content-type: text/css
vary: Accept-Encoding
age: 188315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js

142.250.147.191

6.7 kB

URL
www.blogger.com/static/v1/jsbin/1466990918-comment_from_post_iframe.js
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (2168)
Size
6.7 kB (6748 bytes)
Hash
8690028a2d583da1be43200c873f4aca
832d7d2341b244672eff2a3b6d4319ba0f569ddb
6a0af73d8aca10ba21b96c1a708c2effd53397bcb7797092280089818d640cb3

HTTP Headers

GET /static/v1/jsbin/1466990918-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 18:49:05 GMT
expires: Sun, 05 Oct 2025 18:49:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Oct 2024 20:57:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 256761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/static/v1/widgets/3650705295-widgets.js

142.250.147.191

51 kB

URL
www.blogger.com/static/v1/widgets/3650705295-widgets.js
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (4279)
Size
51 kB (51416 bytes)
Hash
a07ab2548bced4c8b1431455cdd020cd
8ad54e7e2ba4de4d1e7afaca52306c0a81ae40ac
b7f75b19ecc538a84719f23ac5693033d53ab02ce0c097d6b4d12b5e920a592e

HTTP Headers

GET /static/v1/widgets/3650705295-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 51416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 03:28:22 GMT
expires: Tue, 07 Oct 2025 03:28:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 00:56:47 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 139204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109

216.58.207.226

200 OK

53 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109
IP
216.58.207.226:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (4006)
Size
53 kB (52657 bytes)
Hash
32ff2e43696fa95b3dac0cbb910032d0
1288908cd833c604ae7dac78465446d05c60db0c
f1b24fef0aa14c48617e8278de07844b836ef9c96cc21c39b01881ae9c980156

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-5387507473582359&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sofiahalbofanimeworld.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:26 GMT
expires: Tue, 08 Oct 2024 18:08:26 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 3868733086960011650
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/platform.js

142.250.74.110

24 kB

URL
apis.google.com/js/platform.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
24 kB (24114 bytes)
Hash
50047d1ce3a78337b656b202c5c15bc2
2dc8fa917230eff7e1ef9a6863129e311ed81811
40c902b93901973c7f42e026b5c79b99ce6d71e5db1d48aa5d67a9e46c0bfd70

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24114
date: Tue, 08 Oct 2024 18:08:26 GMT
expires: Tue, 08 Oct 2024 18:08:26 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "45dfd97a5df6ac68"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5

142.250.147.191

21 B

URL
www.blogger.com/dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=3405693820859981231&zx=27dd6370-fcfb-4320-aaec-435c7b6970a5 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:26 GMT
last-modified: Tue, 08 Oct 2024 18:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/js/google_top_exp.js

216.58.207.226

200 OK

42 B

URL GET HTTP/3
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
216.58.207.226:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
ASCII text
Size
42 B (42 bytes)
Hash
7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

HTTP Headers

GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Tue, 08 Oct 2024 04:52:43 GMT
expires: Tue, 22 Oct 2024 04:52:43 GMT
cache-control: public, max-age=1209600
age: 47743
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs

142.250.74.110

200 OK

63 kB

URL GET HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.apis.google.com
Fingerprint48:CD:F5:D1:F3:78:A1:83:0F:BC:5E:CA:CA:2A:0A:CB:D2:70:8D:83
ValidityMon, 16 Sep 2024 09:36:21 GMT - Mon, 09 Dec 2024 09:36:20 GMT

File type
JavaScript source, ASCII text, with very long lines (1885)
Size
63 kB (62924 bytes)
Hash
40ce8d1c9624826c3de087c8478ab7c1
646063e4267ae4385bedb0639f8bc6dd8b71c236
4966fc59206429f3408775b228c28beb1d80818fdddad27cc678ac34c01e5ab0

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.3visMJpiQIc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo99Jaq3x9bYTscBipFXsayIS-abwA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 62924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 21:38:11 GMT
expires: Tue, 07 Oct 2025 21:38:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Oct 2024 18:50:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 73815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/icon18_email.gif

142.250.147.191

164 B

URL
resources.blogblog.com/img/icon18_email.gif
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 13
Size
164 B (164 bytes)
Hash
36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466

HTTP Headers

GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:12:40 GMT
expires: Mon, 14 Oct 2024 00:12:40 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 23:56:30 GMT
content-type: image/gif
age: 150946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/icon18_edit_allbkg.gif

142.250.147.191

162 B

URL
resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18
Size
162 B (162 bytes)
Hash
c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

HTTP Headers

GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:54:14 GMT
expires: Mon, 14 Oct 2024 00:54:14 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 16:50:46 GMT
content-type: image/gif
age: 148452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/blogger_logo_round_35.png

142.250.147.191

200 OK

2.5 kB

URL GET HTTP/2
www.blogger.com/img/blogger_logo_round_35.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2531 bytes)
Hash
838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

HTTP Headers

GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 06:32:19 GMT
expires: Mon, 14 Oct 2024 06:32:19 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 04:51:09 GMT
content-type: image/png
age: 128167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png

142.250.147.191

200 OK

144 B

URL GET HTTP/3
resources.blogblog.com/blogblog/data/1kt/ethereal/white-fade.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 1 x 590, 8-bit/color RGBA, non-interlaced
Size
144 B (144 bytes)
Hash
4ba06844286b94adfc8ad7bc8a8fde94
9e1fa0c37abf7c05300b90f8938dd2458409a35e
909a47a95386ffd0420ff44c0f1278a3259b918b1bc8213afa97ad6a4bb5bb58

HTTP Headers

GET /blogblog/data/1kt/ethereal/white-fade.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 00:59:24 GMT
expires: Mon, 14 Oct 2024 00:59:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 00:56:47 GMT
content-type: image/png
age: 148142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/img/share_buttons_20_3.png

142.250.147.191

5.1 kB

URL
www.blogger.com/img/share_buttons_20_3.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced
Size
5.1 kB (5080 bytes)
Hash
ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

HTTP Headers

GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Oct 2024 04:04:42 GMT
expires: Wed, 09 Oct 2024 04:04:42 GMT
cache-control: public, max-age=604800
last-modified: Wed, 02 Oct 2024 02:57:38 GMT
content-type: image/png
age: 569024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3

142.250.74.97

43 kB

URL
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 1515 x 971, 8-bit/color RGBA, non-interlaced
Size
43 kB (42869 bytes)
Hash
05d2738b4dc90530c7cfab2ec6a780bd
f156f3f4d6b41803bcb8704a01e38623098f09af
919e34ec42b0b8a6f9754b9e33f9faba1c20a79bc151cc03009fc0e2bb17a922

HTTP Headers

GET /image?id=0BwVBOzw_-hbMMDZjM2Q4YjctMTY2OC00ZGU2LWJjZDYtODVjOGRiOThlMGQ3 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Wed, 09 Oct 2024 18:08:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:26 GMT
server: fife
content-length: 42869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apps-pnd.ctengine.io/tmp

109.109.137.73

200 OK

326 B

URL POST HTTP/2
apps-pnd.ctengine.io/tmp
IP
109.109.137.73:443
ASN
#205072 Layershift Limited

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGandi
Subject*.ctengine.io
Fingerprint5D:56:88:13:05:E2:3B:FF:D1:BB:CC:F9:BD:C9:0E:C8:88:2F:B4:9C
ValiditySat, 13 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
data
Size
326 B (326 bytes)
Hash
d0a381008606b2bbc9fdc7fd85c55c2f
1e5b7197595c88936daea87d388a2d40cc8dbef4
e0952d25e3c6119cff1ce9cd78c419360c428b015ede58519402c11dcdb38652

HTTP Headers

POST /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
CT-Remote-Token: 9239ae68-8006-4927-9f1b-4eb5600d81e2
Content-Length: 107
Origin: https://coinads.online
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:07 GMT
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: https://coinads.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Configuration
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Configuration
set-cookie: ctuid=9239ae68-8006-4927-9f1b-4eb5600d81e2; expires=Thu, 07 Nov 2024 18:08:07 GMT; Max-Age=2592000; path=/; domain=.ctengine.io; secure; HttpOnly; SameSite=None
route=fa645bd5d2aa41acee2d8dad99465bc0; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com&bust=31087855

216.58.207.226

143 kB

URL
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com&bust=31087855
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (2868)
Size
143 kB (143358 bytes)
Hash
de684e8b5ac5a0998c7e549336378b7e
5367ce7133bd78ae6254e2df953dcdd3e2000ab3
54cd20e1d642a19017d8a9a6e37b259a0c3afa307352f61e79b113f77717f590

HTTP Headers

GET /pagead/managed/js/adsense/m202410070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5387507473582359&plah=sofiahalbofanimeworld.blogspot.com&bust=31087855 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:26 GMT
expires: Tue, 08 Oct 2024 18:08:26 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6214992488733336404
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 143358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

digitalhub.odoo.com/web/assets/1/626efe6/web.assets_frontend_minimal.min.js

34.93.222.88

200 OK

70 kB

URL GET HTTP/2
digitalhub.odoo.com/web/assets/1/626efe6/web.assets_frontend_minimal.min.js
IP
34.93.222.88:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type
gzip compressed data, max speed, from Unix
Size
70 kB (69502 bytes)
Hash
0d4533d271026c4d7501b9f1b1e41789
049ef3527845160e347022d32a46fecd0849d61b
2ee039c0e55a01e653ca4229f1cd7c7b1d4a2e17bb6af735c9a114c817e1487a

HTTP Headers

GET /web/assets/1/626efe6/web.assets_frontend_minimal.min.js HTTP/1.1
Host: digitalhub.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Sep 2024 06:56:38 GMT
content-disposition: inline; filename=web.assets_frontend_minimal.min.js
cache-control: public, max-age=31536000, immutable
expires: Wed, 08 Oct 2025 18:07:59 GMT
set-cookie: session_id=yvTcMim1m9f6m9MzAxgPnhnt_aXsmaZ9KlC0Jzer80OleskSvw5iiD1U7JPPaISEgp4Bvz_4rIOYLRkfkHJ1; Expires=Wed, 08 Oct 2025 18:07:59 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
etag: W/"66dfeda6-6a10"
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

142.250.74.97

24 kB

URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg
IP
142.250.74.97:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (23620 bytes)
Hash
0486a0e5405a90fc0528d411f15bacfb
f9bfa4be241b5dcb1d08521f2e450e6b5d60c267
047cafbd80a22fe50f919e0be95c387e2bfb3dab555eeeb1b0b3c59157b61687

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640-rw/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Wed, 09 Oct 2024 18:08:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).webp"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:26 GMT
server: fife
content-length: 23620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.97

200 OK

19 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
PNG image data, 627 x 348, 8-bit/color RGB, non-interlaced
Size
19 kB (19422 bytes)
Hash
08b8c241415eb845471a6cdc24e86d3d
4a67fd9185985c5eb0f690a81e4723e9fd10991e
e20d7cd5eded37c6539062e9a67b2674b0c52f8149c9880c8ea6ca366fe7df00

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEgeaoNsjDNQ-ft3m51CUPvtToBCbzwdc07wA-SfDPeT-QYmEmsTDzvY8IT9fbty0vA7cQw0i0FVu0FF2ondR7f191Nf0ZSiKTH-boMuR4uzVZYnx-uy132RLaT3OwItBoytd6eLbHjhJnk/s1600/tumblr_p9sx9t6ITy1tji7wmo1_640.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v358"
expires: Wed, 09 Oct 2024 18:08:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tumblr_p9sx9t6ITy1tji7wmo1_640.png"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:26 GMT
server: fife
content-length: 19422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.97

200 OK

25 kB

URL GET HTTP/2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg
IP
142.250.74.97:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 500x504, components 3
Size
25 kB (24947 bytes)
Hash
4112a2265f97c15c59d8c48c0d07e556
0ee3839d780347edf08fd5f4a52388dd46bc3ad2
74477a6ab562eaaf23b770ae8a9bb469444d9e2a09fe75a229c163593e2ad518

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEhseTpUxkcdHqsidRBkMaLVFAmLGSBygwPxwJ6s7vr7go-Ee9TkilI213RIDQBF618qFHscAZc0z3EMww7XjSsTn5PgqholxWnHEhw9e48EJR23kEu8Nt4EZJ3X3uA_8XhpO5DnzJhDFKU/w635-h640/original+%25284%2529.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v51c"
expires: Wed, 09 Oct 2024 18:08:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="original (4).jpg"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:26 GMT
server: fife
content-length: 24947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.147.191

2.2 kB

URL
www.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=4364866522047349775&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html&vt=2925421536678128828&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1963)
Size
2.2 kB (2233 bytes)
Hash
d37e559bea2647483d0e76968bcc7895
b0dc47b6f32a6ff0176834285dd7ed1ae5832bea
b5c5eea7e052a33e15c68abbe32e7af4bb35a1c86f206d346af454114576f0eb

HTTP Headers

GET /navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=4364866522047349775&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html&vt=2925421536678128828&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2233
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/anon36.png

142.250.147.191

1.7 kB

URL
resources.blogblog.com/img/anon36.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
PNG image data, 36 x 36, 8-bit/color RGB, non-interlaced
Size
1.7 kB (1654 bytes)
Hash
106b75877485647b4b5618523f541732
c19e26c01d2972a4c895c3688c735158785620c7
19a794aab8d93c3cafd1efa4ae19579369f92ed5f1bb114d05aa0d7c7d1b3c22

HTTP Headers

GET /img/anon36.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:19:24 GMT
expires: Tue, 15 Oct 2024 11:19:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: image/png
age: 24542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/html/r20241003/r20190131/zrt_lookup_fy2021.html

216.58.207.226

4.1 kB

URL
pagead2.googlesyndication.com/pagead/html/r20241003/r20190131/zrt_lookup_fy2021.html
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
HTML document, ASCII text, with very long lines (2873)
Size
4.1 kB (4121 bytes)
Hash
0a69a7a3530de318072de6182e31a0c6
9bf1165a0064fb85dd8f29ddc6c45ad5b9574ee9
bf1e2557855835794a8a1d9c1403ac53373ccea3006325357e5cb384e93d7514

HTTP Headers

GET /pagead/html/r20241003/r20190131/zrt_lookup_fy2021.html HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4121
x-xss-protection: 0
date: Tue, 08 Oct 2024 02:20:42 GMT
expires: Tue, 22 Oct 2024 02:20:42 GMT
cache-control: public, max-age=1209600
age: 56864
etag: 13108003645644964576
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.74.97

327 kB

URL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png
IP
142.250.74.97:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
FingerprintE4:70:0D:EE:EF:A5:22:F8:E0:2D:F4:88:B6:12:68:A2:DB:32:85:38
ValidityMon, 16 Sep 2024 09:32:18 GMT - Mon, 09 Dec 2024 09:32:17 GMT

File type
RIFF (little-endian) data, Web/P image
Size
327 kB (327408 bytes)
Hash
ec594b2c5eb1f595e207b48d48619cfb
eae8ab412dd779cf3ca5e294d38ed271e2188a0b
bf257ae6a2d584b305ec3eb6ec6a64fc86636a0db7c4751e11ba3bea9cb604bb

HTTP Headers

GET /img/b/R29vZ2xl/AVvXsEiIL0clAHGELinnu7M0t1a5-wpfD8W0lp4abd01C9FTz7Yg6oX_PTTJGgCDho3cGkN-9z4RwlYCUkSAs4YqA1gnJ4kABh22trTlmeN4BVUqveaebdTBNoJ6Pi0AAkqf98BQCG8Oyjcq2-I/w640-h640-rw/image.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/webp
vary: Origin
access-control-expose-headers: Content-Length
etag: "v566"
expires: Wed, 09 Oct 2024 18:08:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.webp"
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:26 GMT
server: fife
content-length: 327408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0

216.58.207.226

0 B

URL
pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 08 Oct 2024 18:08:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=154x805_l%7C154x805_r&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aifgd=1&aipaq=1&itsi=-1&aief=1&dt=1728410906309&bpp=10&bdt=291&idt=512&shv=r20241003&mjsv=m202410070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=905573243819&frm=20&pv=2&u_tz=0&u_his=5&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C95343329%2C95343455%2C31087855%2C95335247&oid=2&pvsid=3566696655292068&tmod=1349690248&nvt=1&fsapi=1&ref=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=577

216.58.207.226

46 B

URL
pagead2.googlesyndication.com/pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=154x805_l%7C154x805_r&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aifgd=1&aipaq=1&itsi=-1&aief=1&dt=1728410906309&bpp=10&bdt=291&idt=512&shv=r20241003&mjsv=m202410070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=905573243819&frm=20&pv=2&u_tz=0&u_his=5&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C95343329%2C95343455%2C31087855%2C95335247&oid=2&pvsid=3566696655292068&tmod=1349690248&nvt=1&fsapi=1&ref=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=577
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
HTML document, ASCII text, with very long lines (603), with no line terminators
Size
46 B (46 bytes)
Hash
2c739853e3edfa26869416e3d4e5d369
c263dc1c36c954b252bc7e775e6e82865d9b29b8
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

HTTP Headers

GET /pagead/ads?npa=1&client=ca-pub-5387507473582359&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1728410844&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=154x805_l%7C154x805_r&format=0x0&url=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aifgd=1&aipaq=1&itsi=-1&aief=1&dt=1728410906309&bpp=10&bdt=291&idt=512&shv=r20241003&mjsv=m202410070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=905573243819&frm=20&pv=2&u_tz=0&u_his=5&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1280&bih=1024&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C95343329%2C95343455%2C31087855%2C95335247&oid=2&pvsid=3566696655292068&tmod=1349690248&nvt=1&fsapi=1&ref=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com%2F2021%2F07%2Fblog-post.html&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C1024&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=577 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Oct 2024 18:08:27 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 14:48:26 GMT
expires: Sun, 05 Oct 2025 14:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

142.250.147.191

67 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/am=BgwGGAM/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0L_H72BQp-497kFRQpC-kO9F0vgg/m=_b,_tp
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (1779)
Size
67 kB (67268 bytes)
Hash
67e8fef75d42a3eab9697fcdf11d629a
84bf01f687e911fc27e30958d167d26c4d324045
cc21a6f936a57834856ece7687b69877708d4d58e7530aa824415ac494f6c65e

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/am=BgwGGAM/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP0L_H72BQp-497kFRQpC-kO9F0vgg/m=_b,_tp HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 67268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 03:42:19 GMT
expires: Tue, 07 Oct 2025 03:42:19 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Fri, 04 Oct 2024 23:08:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 138368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

apis.google.com/js/platform:gapi.iframes.style.common.js

142.250.74.110

200 OK

24 kB

URL GET HTTP/3
apis.google.com/js/platform:gapi.iframes.style.common.js
IP
142.250.74.110:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JavaScript source, ASCII text, with very long lines (1831)
Size
24 kB (24124 bytes)
Hash
da40ef4242aa882fd89c4a6f4a1f8e66
36d4566e044021ff8d28325590594d15d4d26e91
5633f53e7c8ec0475172ac35923206b7623f0e148531b0774b93444da2dd240f

HTTP Headers

GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 24124
date: Tue, 08 Oct 2024 18:08:27 GMT
expires: Tue, 08 Oct 2024 18:08:27 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "123c7ff8bc76c11b"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/icons_peach.png

142.250.147.191

907 B

URL
resources.blogblog.com/img/navbar/icons_peach.png
IP
142.250.147.191:0
ASN
#15169 GOOGLE

File type
PNG image data, 46 x 20, 8-bit colormap, non-interlaced
Size
907 B (907 bytes)
Hash
3718077fe5eb689b0ded987a52881d06
f0ce5596ef43f850c400cbbc0556697fb3e7b232
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

HTTP Headers

GET /img/navbar/icons_peach.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 907
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 22:20:57 GMT
expires: Mon, 14 Oct 2024 22:20:57 GMT
cache-control: public, max-age=604800
last-modified: Mon, 07 Oct 2024 13:59:46 GMT
content-type: image/png
age: 71250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

resources.blogblog.com/img/navbar/arrows-light.png

142.250.147.191

200 OK

117 B

URL GET HTTP/3
resources.blogblog.com/img/navbar/arrows-light.png
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fsofiahalbofanimeworld.blogspot.com&pfname=&rpctoken=86231880
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced
Size
117 B (117 bytes)
Hash
25c2b0cfe0ad4dcda4a0e3727d091d80
b9d16f4311e64648b7970baf00cb9841e3c3351b
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

HTTP Headers

GET /img/navbar/arrows-light.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Oct 2024 21:30:28 GMT
expires: Sun, 13 Oct 2024 21:30:28 GMT
cache-control: public, max-age=604800
last-modified: Sun, 06 Oct 2024 19:56:17 GMT
content-type: image/png
age: 160679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.coinzilla.com/base/click.html?type=popunder&zone=7695f96e977909c5700

104.26.3.188

200 OK

48 kB

URL GET HTTP/2
cdn.coinzilla.com/base/click.html?type=popunder&zone=7695f96e977909c5700
IP
104.26.3.188:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerGoogle Trust Services
Subjectcoinzilla.com
Fingerprint2E:84:C9:12:FD:E9:E3:25:14:71:13:75:C6:63:5B:33:13:23:48:0C
ValidityThu, 05 Sep 2024 00:48:37 GMT - Wed, 04 Dec 2024 00:48:36 GMT

File type
HTML document, ASCII text, with very long lines (885)
Size
48 kB (47489 bytes)
Hash
f88b0da6844323d820a2a28446ac6eb1
683c873ffaa9041284561377c08eddfa447656fb
91f63e22f3cb73362fa8abc1e712208c5d38676a7741082d1656982e998d9d47

HTTP Headers

GET /base/click.html?type=popunder&zone=7695f96e977909c5700 HTTP/1.1
Host: cdn.coinzilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://request-global.czilladx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: text/html
last-modified: Wed, 03 Aug 2022 12:13:18 GMT
cache-control: max-age=604800, public
expires: Tue, 15 Oct 2024 18:08:05 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZaCfiv%2BSapAnKM1c%2BRkBN%2BnxQ1kxADoRlu8easUAm0YijfeeVQC6pkmljLBHy1Y0Gbv97UAjdAAOchhddeDVTKp8LiDN2Gk3MZKBMEELrXKLTbC7k4T0y4Tbcl60%2FBaP1og"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf813041b7c56b7-OSL
content-encoding: br
X-Firefox-Spdy: h2

142.250.147.191

130 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (2219)
Size
130 kB (129507 bytes)
Hash
abe09aeffcf01f2631b6663591ab3b28
f7791303532af00464a074758449bbff5be4eb53
cdd24451db473d2a73808efd9fea0aa0561c1a3563bd1677e4f18e90e2ae91e1

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,A1yn5d,fKUV3e,aurFic,Ug7Xab,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,ebZ3mb,zr1jrb,ZDZcre,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 129507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 12:34:46 GMT
expires: Tue, 07 Oct 2025 12:34:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 106421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x

142.250.147.191

154 B

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text
Size
154 B (154 bytes)
Hash
0212f84f9b3c279098932d83a43b6448
22ef0e934187e4a4bb70bce5a59e7eed3e45e82b
9dffee8e9e10ba5883b18f8f0803e06bcdd3751909cd3a2ad48195a33a4132c9

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,WO9ee,XVMNvd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 13:11:35 GMT
expires: Tue, 07 Oct 2025 13:11:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 104212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd

142.250.147.191

7.5 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (3521)
Size
7.5 kB (7484 bytes)
Hash
4ba1f1ddec2cdce9b396c3695fbd3488
78754afb3bc47c8a723da5b4dad40b6432f6a7b4
2cd2f67d39c8fb988af8513791f658e40194969918a188d18b30a64d81b736a5

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 7484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 13:21:26 GMT
expires: Tue, 07 Oct 2025 13:21:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc

142.250.147.191

749 B

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (742)
Size
749 B (749 bytes)
Hash
52927d24707f9ff25ea0bd775edf9a05
b46d348ed81fba6c2a6469ccece95ac4a858c3d2
0d2b44dd085cad795a3790a2267ba368af057815e389b6f04fe86ca6aac05fc2

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=P6sQOc HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 749
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 06:12:03 GMT
expires: Wed, 08 Oct 2025 06:12:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 42984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

142.250.74.67

200 OK

218 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (724)
Size
218 kB (218137 bytes)
Hash
33aff52b82a1df246136e75500d93220
4675754451af81f996eab925923c31ef5115a9f4
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

HTTP Headers

GET /recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 218137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:01:38 GMT
expires: Wed, 08 Oct 2025 11:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sofiahalbofanimeworld.blogspot.com/favicon.ico

216.58.207.193

412 B

URL
sofiahalbofanimeworld.blogspot.com/favicon.ico
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel
Size
412 B (412 bytes)
Hash
59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sofiahalbofanimeworld.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/2021/07/blog-post.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon
expires: Tue, 08 Oct 2024 18:08:27 GMT
date: Tue, 08 Oct 2024 18:08:27 GMT
cache-control: private, max-age=86400
last-modified: Tue, 08 Oct 2024 18:07:24 GMT
etag: W/"053b09a58fb3fa48da08a5add2d5956d42ed5fbca9339234368421f010ba6445"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.207.206

200 OK

0 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 08 Oct 2024 18:08:27 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

play.google.com/log?format=json&hasfast=true&authuser=0

216.58.207.206

200 OK

131 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://draft.blogger.com/comment/frame/3405693820859981231?po=1705863557195155936&hl=en&saa=73852&blogspotRpcToken=9274997#%7B%22color%22:%22rgb(102,%20102,%20102)%22,%22backgroundColor%22:%22rgb(61,%20133,%20198)%22,%22unvisitedLinkColor%22:%22rgb(61,%20116,%20165)%22,%22fontFamily%22:%22Arial,%20Tahoma,%20Helvetica,%20FreeSans,%20sans-serif%22%7D
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2E:AD:4B:73:89:E6:72:25:56:C8:9A:16:7A:F5:DA:FF:47:2E:C8:AD
ValidityMon, 16 Sep 2024 08:55:48 GMT - Mon, 09 Dec 2024 08:55:47 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 587
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 08 Oct 2024 18:08:27 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=23f3ghv0w0g1

142.250.74.68

72 kB

URL
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=23f3ghv0w0g1
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (39573)
Size
72 kB (72117 bytes)
Hash
fc396a4b72440de4c359c3bf27a68bf5
1d862b75d03ea5607ca6567a935a59e47a25cb51
152eeffa3c89b39c2a62593f0611249d04cbb1c526daf2b62d3768e2006f8795

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=23f3ghv0w0g1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:08:27 GMT
content-security-policy: script-src 'nonce-AJcv33DHCoeh1kRD8ZFOlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

142.250.74.67

200 OK

218 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (724)
Size
218 kB (218137 bytes)
Hash
33aff52b82a1df246136e75500d93220
4675754451af81f996eab925923c31ef5115a9f4
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

HTTP Headers

GET /recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 218137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:01:38 GMT
expires: Wed, 08 Oct 2025 11:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js

142.250.74.68

7.6 kB

URL
www.google.com/js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (18053)
Size
7.6 kB (7628 bytes)
Hash
61721b9fc4880c88e14e0251d0ffc033
27a8a3835b9f801e3d9302631d0db87d7c5cd4e6
4b36d33eb3e3d1164c877b0a91eec39b6475100390683d65ac524a0219c9d2d1

HTTP Headers

GET /js/bg/SzbTPrPj0RZMh3sKke7Dm2R1EAOQaD1lrFJKAhnJ0tE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=23f3ghv0w0g1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:41:04 GMT
expires: Wed, 08 Oct 2025 11:41:04 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Sep 2024 15:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 23244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.67

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:45:56 GMT
expires: Thu, 10 Oct 2024 11:45:56 GMT
cache-control: public, max-age=604800
age: 454952
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Oct 2024 14:48:26 GMT
expires: Sun, 05 Oct 2025 14:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly9kcmFmdC5ibG9nZ2VyLmNvbTo0NDM.&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=59xhp6bh8jyt
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:01:27 GMT
expires: Fri, 03 Oct 2025 11:01:27 GMT
cache-control: public, max-age=31536000
age: 457621
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js

142.250.74.67

200 OK

218 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B
ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

File type
JavaScript source, ASCII text, with very long lines (724)
Size
218 kB (218137 bytes)
Hash
33aff52b82a1df246136e75500d93220
4675754451af81f996eab925923c31ef5115a9f4
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731

HTTP Headers

GET /recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 218137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 11:01:38 GMT
expires: Wed, 08 Oct 2025 11:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 25610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

142.250.147.191

1.6 kB

URL
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
142.250.147.191:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (948)
Size
1.6 kB (1565 bytes)
Hash
ced74b8e33264e74dac17d5e2bd9c2da
915c640ac2920748b6b8c0061ca4c6118f75abff
4db255b5377ee5636fdfe178a3373beb59eed50d174a1b3077e154652d99cf78

HTTP Headers

GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.pqxMqG31ZhQ.es5.O/ck=boq-blogger.BloggerCommentUi.Ugh6sny4GqE.L.F4.O/am=BgwGGAM/d=1/exm=A1yn5d,A7fCU,BVgquf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P6sQOc,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,UUJqVe,Uas9Hd,Ug7Xab,Ulmmrd,V3dDOb,VXdfxd,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZDZcre,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,ebZ3mb,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP00iJuP0RWhgXifs0FWgevmAMuqzQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Oct 2024 13:21:32 GMT
expires: Tue, 07 Oct 2025 13:21:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 26 Sep 2024 21:10:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 103616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241003&st=env

216.58.207.226

13 kB

URL
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241003&st=env
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JSON text data
Size
13 kB (12849 bytes)
Hash
7e99624643ab34ec343dee21d86c13f1
917bcf70367805165e3907da5779936a76def808
b221c805f6535a107ccdf943fd7c9933d13156446d1e3717bc00f15ded28932f

HTTP Headers

GET /getconfig/sodar?sv=200&tid=gda&tv=r20241003&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sofiahalbofanimeworld.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Tue, 08 Oct 2024 18:08:28 GMT
server: cafe
content-length: 12849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tpc.googlesyndication.com/sodar/sodar2.js

216.58.207.193

6.4 kB

URL
tpc.googlesyndication.com/sodar/sodar2.js
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (1382)
Size
6.4 kB (6445 bytes)
Hash
3b071d5606cc1cf92ae307f5bdb4e540
e191068cc90e5489130489a1cf173fe50bba28b8
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

HTTP Headers

GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6445
date: Tue, 08 Oct 2024 18:08:28 GMT
expires: Tue, 08 Oct 2024 18:08:28 GMT
cache-control: private, max-age=3000
etag: "1727224258380615"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tpc.googlesyndication.com/sodar/sodar2/232/runner.html

216.58.207.193

5.0 kB

URL
tpc.googlesyndication.com/sodar/sodar2/232/runner.html
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (2008)
Size
5.0 kB (5005 bytes)
Hash
d1f231b50b152372a6c3100f4aed1973
1bf10951be06da03d1371a904e19c0419f2a3637
9dec95894af322b087ab6e87f9c8ce66d849646cf33b375d33c957f4569ed081

HTTP Headers

GET /sodar/sodar2/232/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5005
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Oct 2024 18:06:17 GMT
expires: Tue, 08 Oct 2024 18:56:17 GMT
cache-control: public, max-age=3000
age: 131
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
content-type: text/html
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/bg/OLU2Qs7L6j7GM-qga8AmcQGkif1_HTGLtucCbK--hhY.js

216.58.207.226

21 kB

URL
pagead2.googlesyndication.com/bg/OLU2Qs7L6j7GM-qga8AmcQGkif1_HTGLtucCbK--hhY.js
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type
JavaScript source, ASCII text, with very long lines (53168)
Size
21 kB (20797 bytes)
Hash
428b235509864aaa8e2ebe79431422ee
a8e28da93b5c19e95f26aa2d9887bce52aa8a9f9
38b53642cecbea3ec633eaa06bc0267101a489fd7f1d318bb6e7026cafbe8616

HTTP Headers

GET /bg/OLU2Qs7L6j7GM-qga8AmcQGkif1_HTGLtucCbK--hhY.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20797
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Oct 2024 12:53:35 GMT
expires: Sat, 04 Oct 2025 12:53:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Sep 2024 11:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 364493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tpc.googlesyndication.com/generate_204?aUsbEw

216.58.207.193

0 B

URL
tpc.googlesyndication.com/generate_204?aUsbEw
IP
216.58.207.193:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /generate_204?aUsbEw HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 08 Oct 2024 18:08:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241003&jk=3566696655292068&bg=!OjmlOXbNAAax3igvkd47ADQBe5WfOBs7IQ-oACHnJrMnnxo72WYgzMMRY8C6T37Kxx5PRNpRRUSKUmLEKDUEwAfR-qS2AgAAASBSAAAAFWgBB34ANWhjMoejJutk2x1uIMIqObt7uP--CXzM0tB4ymt_VeckrQjsPYHVM9HNwa0T8CigTsPP-cbdCgDdLaX0Kjymr0w0_jVEOe3DPnSkFu5beO5_VXa4KGS5k8ZX9Fy2mnA5SIHwyW-9mog0bs7OIEY8c4ZEhGPxbI8ofbeAHOmejj8CsbYoZtsmtvsWpiq4ra5EpYrrFtLdd8sGpVeTfbLc6kOC8A9x20oA5cotQ34zs_sta3QvFJb6sa6DNwVhsFoja4SXwW154R-cioqAZh7tn9YOhR9ZaK_6OFKnu0Q8kuDvdD_cKL7Akc06dJo6tUA0PJveewVjT9Lbtd5kdoUTBQ16gbVqPJrbjtRUPim2PPqQh9Mxm7mZAfw-5bgQ2nZZKPsO1E1Xlf_bA6kwSGvPFIaOSrTi2LfYnMTdu6s2Q3eq9HGflweG6uQTTh4cwFg_QsWN0KzN46zZZG3IH7W6J1tB3W7_Q64VsUL6JT24zlINwGHT5CAjNCsPqKd8N7uZLdp_cf80_z_VS8V7_ofoinBteqig_AcTWLLR6MUuoEK5naBIHRFOQxGbM36G77wrAy0Ld8ggWoWDr87Jalzy2M2Ztep0ZL3K5jIfK24MSTTQ7_qTKU6Kk1JAj5NNHq0ET1BokEznxD4Cwq8qijTlbLiexu7HFX1tLQnRGMfHZjFhvE13apETtx-oOuoxw8e5UVfw46MOYUW8bWNwo1Ry_9vvvJC2FwsVgxz2CgBJtvQxmG8B3hyH0qP0nsmRVvXXQckK96fp5Uz0-n3wtfCMPafVYZ2kOM3jGdU_LlzllJeRjRPVR6T-eKf3fh7XOK01gLsRSPKW-PrmmWJSU4YSy-algr5vS8WBjrqm82mX6phR5OVMnT3NKuCmeLRgskuLISTEsJHdZyarmqa1LiIbQvRrXamsadeJzmFkSOWUjNkn5Xfy5Bh5NRG86KrjcqiERNV5c8kW3S04W9XfUNU1HzE1cQ6pDazpKlq2WptJVN3NxebJdhwHOqQXPQBbPBHLoyO8h2yXi3wTJN26gEcaquLTGT4c

216.58.207.226

0 B

URL
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241003&jk=3566696655292068&bg=!OjmlOXbNAAax3igvkd47ADQBe5WfOBs7IQ-oACHnJrMnnxo72WYgzMMRY8C6T37Kxx5PRNpRRUSKUmLEKDUEwAfR-qS2AgAAASBSAAAAFWgBB34ANWhjMoejJutk2x1uIMIqObt7uP--CXzM0tB4ymt_VeckrQjsPYHVM9HNwa0T8CigTsPP-cbdCgDdLaX0Kjymr0w0_jVEOe3DPnSkFu5beO5_VXa4KGS5k8ZX9Fy2mnA5SIHwyW-9mog0bs7OIEY8c4ZEhGPxbI8ofbeAHOmejj8CsbYoZtsmtvsWpiq4ra5EpYrrFtLdd8sGpVeTfbLc6kOC8A9x20oA5cotQ34zs_sta3QvFJb6sa6DNwVhsFoja4SXwW154R-cioqAZh7tn9YOhR9ZaK_6OFKnu0Q8kuDvdD_cKL7Akc06dJo6tUA0PJveewVjT9Lbtd5kdoUTBQ16gbVqPJrbjtRUPim2PPqQh9Mxm7mZAfw-5bgQ2nZZKPsO1E1Xlf_bA6kwSGvPFIaOSrTi2LfYnMTdu6s2Q3eq9HGflweG6uQTTh4cwFg_QsWN0KzN46zZZG3IH7W6J1tB3W7_Q64VsUL6JT24zlINwGHT5CAjNCsPqKd8N7uZLdp_cf80_z_VS8V7_ofoinBteqig_AcTWLLR6MUuoEK5naBIHRFOQxGbM36G77wrAy0Ld8ggWoWDr87Jalzy2M2Ztep0ZL3K5jIfK24MSTTQ7_qTKU6Kk1JAj5NNHq0ET1BokEznxD4Cwq8qijTlbLiexu7HFX1tLQnRGMfHZjFhvE13apETtx-oOuoxw8e5UVfw46MOYUW8bWNwo1Ry_9vvvJC2FwsVgxz2CgBJtvQxmG8B3hyH0qP0nsmRVvXXQckK96fp5Uz0-n3wtfCMPafVYZ2kOM3jGdU_LlzllJeRjRPVR6T-eKf3fh7XOK01gLsRSPKW-PrmmWJSU4YSy-algr5vS8WBjrqm82mX6phR5OVMnT3NKuCmeLRgskuLISTEsJHdZyarmqa1LiIbQvRrXamsadeJzmFkSOWUjNkn5Xfy5Bh5NRG86KrjcqiERNV5c8kW3S04W9XfUNU1HzE1cQ6pDazpKlq2WptJVN3NxebJdhwHOqQXPQBbPBHLoyO8h2yXi3wTJN26gEcaquLTGT4c
IP
216.58.207.226:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint30:31:A6:B3:89:18:32:32:7A:F4:83:AD:06:37:D7:2B:D8:D9:5A:82
ValidityMon, 16 Sep 2024 08:55:42 GMT - Mon, 09 Dec 2024 08:55:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241003&jk=3566696655292068&bg=!OjmlOXbNAAax3igvkd47ADQBe5WfOBs7IQ-oACHnJrMnnxo72WYgzMMRY8C6T37Kxx5PRNpRRUSKUmLEKDUEwAfR-qS2AgAAASBSAAAAFWgBB34ANWhjMoejJutk2x1uIMIqObt7uP--CXzM0tB4ymt_VeckrQjsPYHVM9HNwa0T8CigTsPP-cbdCgDdLaX0Kjymr0w0_jVEOe3DPnSkFu5beO5_VXa4KGS5k8ZX9Fy2mnA5SIHwyW-9mog0bs7OIEY8c4ZEhGPxbI8ofbeAHOmejj8CsbYoZtsmtvsWpiq4ra5EpYrrFtLdd8sGpVeTfbLc6kOC8A9x20oA5cotQ34zs_sta3QvFJb6sa6DNwVhsFoja4SXwW154R-cioqAZh7tn9YOhR9ZaK_6OFKnu0Q8kuDvdD_cKL7Akc06dJo6tUA0PJveewVjT9Lbtd5kdoUTBQ16gbVqPJrbjtRUPim2PPqQh9Mxm7mZAfw-5bgQ2nZZKPsO1E1Xlf_bA6kwSGvPFIaOSrTi2LfYnMTdu6s2Q3eq9HGflweG6uQTTh4cwFg_QsWN0KzN46zZZG3IH7W6J1tB3W7_Q64VsUL6JT24zlINwGHT5CAjNCsPqKd8N7uZLdp_cf80_z_VS8V7_ofoinBteqig_AcTWLLR6MUuoEK5naBIHRFOQxGbM36G77wrAy0Ld8ggWoWDr87Jalzy2M2Ztep0ZL3K5jIfK24MSTTQ7_qTKU6Kk1JAj5NNHq0ET1BokEznxD4Cwq8qijTlbLiexu7HFX1tLQnRGMfHZjFhvE13apETtx-oOuoxw8e5UVfw46MOYUW8bWNwo1Ry_9vvvJC2FwsVgxz2CgBJtvQxmG8B3hyH0qP0nsmRVvXXQckK96fp5Uz0-n3wtfCMPafVYZ2kOM3jGdU_LlzllJeRjRPVR6T-eKf3fh7XOK01gLsRSPKW-PrmmWJSU4YSy-algr5vS8WBjrqm82mX6phR5OVMnT3NKuCmeLRgskuLISTEsJHdZyarmqa1LiIbQvRrXamsadeJzmFkSOWUjNkn5Xfy5Bh5NRG86KrjcqiERNV5c8kW3S04W9XfUNU1HzE1cQ6pDazpKlq2WptJVN3NxebJdhwHOqQXPQBbPBHLoyO8h2yXi3wTJN26gEcaquLTGT4c HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Oct 2024 18:08:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

steemitimages.com/640x0/https://cdn.steemitimages.com/DQmW4ryiaK7qYAHV7BQfuF3HEJwz625EeU8twvE5ntHfpBr/aave-common.177dbad9.jpg

104.21.234.125

301 Moved Permanently

129 kB

URL GET HTTP/2
steemitimages.com/640x0/https://cdn.steemitimages.com/DQmW4ryiaK7qYAHV7BQfuF3HEJwz625EeU8twvE5ntHfpBr/aave-common.177dbad9.jpg
IP
104.21.234.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerLet's Encrypt
Subjectsteemitimages.com
Fingerprint15:0E:F4:21:4F:5C:5B:28:5C:BB:84:44:B5:E9:3D:BE:84:2B:40:29
ValidityMon, 26 Aug 2024 22:58:52 GMT - Sun, 24 Nov 2024 22:58:51 GMT

File type

Size
129 kB (129221 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /640x0/https://cdn.steemitimages.com/DQmW4ryiaK7qYAHV7BQfuF3HEJwz625EeU8twvE5ntHfpBr/aave-common.177dbad9.jpg HTTP/1.1
Host: steemitimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 08 Oct 2024 18:07:57 GMT
content-type: text/html; charset=utf-8
x-request-id: Root=1-670574fd-010d19a2238c02f23743d921
vary: Origin, Accept-Encoding
location: /p/2N61tyyncFaFVtpM8rCsJzDgecVMtkz4jpzBsszXjhqan9oSxNUiLntKumUx6UXTnjRZBagC7t4wvcU8NfMFRFUUeTxXqYciwYQibrkEfPq2QTEahQD2wEJX5bpqnWRQhwYhW7YSwNYE?format=match&mode=fit&width=640
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1AUK0JDCw9P42w6UJTh2VM5ShEw52SZpKyUJ16k%2BnyW5y3dcnAAjjEHA14%2Fm2F0W%2F1IaID%2B%2BBGzjHFqYzUtixdx%2Fhni4ht8wD5pWrUsDqaqalKhAWipRARcQsxhf%2BymnU%2FzzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812ccc872368d-LHR
X-Firefox-Spdy: h2

img.diclotrans.com/img/690/630dd5a2393ad.png

104.21.54.145

200 OK

1.5 MB

URL GET HTTP/2
img.diclotrans.com/img/690/630dd5a2393ad.png
IP
104.21.54.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type

Size
1.5 MB (1516140 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/690/630dd5a2393ad.png HTTP/1.1
Host: img.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:06 GMT
content-type: image/png
content-length: 1516140
content-security-policy: block-all-mixed-content
etag: "4f8b636672093a2f966e0c23097d8d0d"
last-modified: Mon, 24 Oct 2022 13:21:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-bucket-region: us-east-1
x-amz-replication-status: COMPLETED
x-amz-request-id: 17F6DD8F1129483B
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: null
x-server: minio
cache-control: max-age=14400
cf-cache-status: HIT
age: 5065
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeN0P%2BHLFXZCROI47t5%2BH3L6lua20qpf8aNiIa8eTs%2BT8C3Ya35xl1PWDHdP9zxpRFdrbENssztjKfaPWNx%2Btw0mRpTwT3sJ1KpPy8Gw9CisXNDlqVPeHA904TJY%2FoUWVWfQ3Ts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
server: cloudflare
cf-ray: 8cf81305cb680b69-OSL
X-Firefox-Spdy: h2

late-anxiety.com/Ys2_xupvZ.Ww5x0-ZzGAFB0CY_TE9FyGcHm-lJkKPLTMZ_lONPTQER3-MTGUUV0WN_jYhZjaMbz-JdheOfTgI_xiMjWkQl3-NnTohpkqM_zsQt5uMvj-Ux0yYzWAI_wC

88.85.69.211

200 OK

0 B

URL POST HTTP/2
late-anxiety.com/Ys2_xupvZ.Ww5x0-ZzGAFB0CY_TE9FyGcHm-lJkKPLTMZ_lONPTQER3-MTGUUV0WN_jYhZjaMbz-JdheOfTgI_xiMjWkQl3-NnTohpkqM_zsQt5uMvj-Ux0yYzWAI_wC
IP
88.85.69.211:443
ASN
#35415 Webzilla B.V.

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectlate-anxiety.com
Fingerprint90:89:AB:BE:EF:D3:BA:82:DF:30:DE:3D:32:C9:FF:E0:55:E8:C0:43
ValiditySun, 22 Sep 2024 01:49:58 GMT - Sat, 21 Dec 2024 01:49:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /Ys2_xupvZ.Ww5x0-ZzGAFB0CY_TE9FyGcHm-lJkKPLTMZ_lONPTQER3-MTGUUV0WN_jYhZjaMbz-JdheOfTgI_xiMjWkQl3-NnTohpkqM_zsQt5uMvj-Ux0yYzWAI_wC HTTP/1.1
Host: late-anxiety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:01 GMT
content-length: 0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ad.a-ads.com/2355869?size=320x100

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2355869?size=320x100
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13159 bytes)
Hash
b0848ffa7431d1d9fa45eff734573f77
6974b9c0f522514cb92f66f8acd2b81031de1873
875b920206862fe3ed99add5455e23441812f15a8c59ab0dc70ee919ca78d4ca

HTTP Headers

GET /2355869?size=320x100 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

acscdn.com/script/ut.js?cb=1728410880702

188.114.97.1

200 OK

63 kB

URL GET HTTP/2
acscdn.com/script/ut.js?cb=1728410880702
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectacscdn.com
Fingerprint6A:82:7C:F8:F4:5D:E4:37:E5:69:54:AB:B9:28:D2:33:F8:22:0E:6B
ValidityFri, 23 Aug 2024 18:38:44 GMT - Thu, 21 Nov 2024 18:38:43 GMT

File type

Size
63 kB (63280 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /script/ut.js?cb=1728410880702 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/javascript
x-goog-generation: 1721821314858390
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63280
x-goog-hash: crc32c=IaaDjg==, md5=57uKPgAvt8vBs8oytz5qxQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
x-guploader-uploadid: AHxI1nMaEQpR1JTWGL7y3AJZi3Wvek2bdZisDwQ02yfiVLGMsvu7td42F17RCoSFEKcTf1JGVRk
expires: Tue, 08 Oct 2024 17:59:28 GMT
cache-control: public, max-age=3600
last-modified: Wed, 24 Jul 2024 11:41:54 GMT
etag: W/"e7bb8a3e002fb7cbc1b3ca32b73e6ac5"
age: 1434
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLSa2tqS0mhBX4Q%2BKh7huBi6KXXXaZeelLpasQuZJHRPcv6GArUNRH7vbuK0qJ1hOKD5TWSBw9mzc%2FDzS1GNSJIf43IBghcjLtcwEwdrNmKCLzgHEqWg3sgFRJc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812e7ef4756be-OSL
content-encoding: br
X-Firefox-Spdy: h2

ad.a-ads.com/2315078?size=468x60

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2315078?size=468x60
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13159 bytes)
Hash
1c53dfbf084f55ac22c426aba7fbad04
b9e63021554c8c801a0db4407015774a0afe2dea
fabd4480841e7b55948a8a6c48ad1f5448466d4c2e3543462d898990869700a8

HTTP Headers

GET /2315078?size=468x60 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

wdnem.ajscdn.com/ipp.js?id=fIgZSL1WJkO4HrKrECmVDA

188.114.96.1

204 No Content

0 B

URL GET HTTP/2
wdnem.ajscdn.com/ipp.js?id=fIgZSL1WJkO4HrKrECmVDA
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectajscdn.com
Fingerprint66:6F:82:F7:FD:58:B2:BC:16:9A:1D:8C:5E:45:2E:EE:6C:2B:F9:24
ValidityWed, 25 Sep 2024 17:07:16 GMT - Tue, 24 Dec 2024 17:07:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ipp.js?id=fIgZSL1WJkO4HrKrECmVDA HTTP/1.1
Host: wdnem.ajscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cf-cache-status: BYPASS
set-cookie: __inppu=7ec226c3-1bc1-44e8-a161-7a6b1ab77ed3; expires=Thu, 08 Oct 2026 18:07:59 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oomHs4YNnni6Pd2P%2B5ffwouUaPgKidASOwwlIhlh%2FZYz%2FhYWgaymbmPeK8CPM3MLDuo1BYIY5MYt4rqV1TIsttceafwcVmtuPIvoK4c5MJU3HVS8I3zMKIyuRRobafaZaWp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cf812debe36b503-OSL
X-Firefox-Spdy: h2

www.mypayu.com/banner/45/728x90

0.0.0.0

0 B

URL GET
www.mypayu.com/banner/45/728x90
IP
0.0.0.0:0
ASN
#0

Requested by
https://teleearnings.odoo.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /banner/45/728x90 HTTP/1.1
Host: www.mypayu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

acceptablereality.com/dTm.FUzVdWG_NYvZZaGbU-/dce0flgk_PiSjZk6lb-2n5olpSqW_Qs9tNuTvU-yxOyTzUAw_MCAD

88.85.68.219

200 OK

68 B

URL GET HTTP/2
acceptablereality.com/dTm.FUzVdWG_NYvZZaGbU-/dce0flgk_PiSjZk6lb-2n5olpSqW_Qs9tNuTvU-yxOyTzUAw_MCAD
IP
88.85.68.219:443
ASN
#35415 Webzilla B.V.

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectacceptablereality.com
Fingerprint60:0C:C2:72:25:9E:D4:88:63:6D:D6:C4:47:03:CF:4A:EC:84:96:00
ValiditySun, 08 Sep 2024 03:19:22 GMT - Sat, 07 Dec 2024 03:19:21 GMT

File type
ASCII text, with no line terminators
Size
68 B (68 bytes)
Hash
c094782391d18d2a0a285b6de6c2a9ed
33df3d5a8d139b7795330e623b5f0439f96c3134
1390f8e4f4ee7778ee9a80654d7100671039c6604e3d090a15d178bc1f3a9b75

HTTP Headers

GET /dTm.FUzVdWG_NYvZZaGbU-/dce0flgk_PiSjZk6lb-2n5olpSqW_Qs9tNuTvU-yxOyTzUAw_MCAD HTTP/1.1
Host: acceptablereality.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
Origin: https://digitalhub.odoo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/xml
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://digitalhub.odoo.com
access-control-allow-credentials: true
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

cdn.diclotrans.com/sdk/v1/35408/5a90270b37f6059276f68dc741cccfd327d09f66/lib.js

188.114.97.1

200 OK

18 kB

URL GET HTTP/3
cdn.diclotrans.com/sdk/v1/35408/5a90270b37f6059276f68dc741cccfd327d09f66/lib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JavaScript source, ASCII text, with very long lines (5987)
Size
18 kB (17488 bytes)
Hash
f98a78ead9d9f4273259a785211cf7da
8988e3e7de43aa3066cd1b6cdecebbaa42ab4e43
7cc0ea4417f25749d50ab6962a79c45565e211e4877356fc10cf6a59092422ab

HTTP Headers

GET /sdk/v1/35408/5a90270b37f6059276f68dc741cccfd327d09f66/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://digitalhub.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/javascript
content-length: 4653
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 346
last-modified: Tue, 08 Oct 2024 18:02:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FotYUpshtHQ6v%2BFSOermu7lb76L1dIEvTj4WT5wNb9NvukK1le%2BDSRIeJrWr7sRUSSkqk7Rr3DDyXRS%2Fw60lljOlhKuO4cS0VBDzt%2FzjPjAr1P%2BgXf%2B%2F76XL9E8KfjHEGNctlAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d9d8f9dbfa-FRA

acceptablereality.com/dum/FEzpd.GIl/t/P/3vp/v-bqmpV/JcZCDn0e1YNNT_IG5/N_TVAPwPLYTvUe1JM/j/kw1GMoD/Eo

88.85.68.219

200 OK

699 kB

URL GET HTTP/2
acceptablereality.com/dum/FEzpd.GIl/t/P/3vp/v-bqmpV/JcZCDn0e1YNNT_IG5/N_TVAPwPLYTvUe1JM/j/kw1GMoD/Eo
IP
88.85.68.219:443
ASN
#35415 Webzilla B.V.

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectacceptablereality.com
Fingerprint60:0C:C2:72:25:9E:D4:88:63:6D:D6:C4:47:03:CF:4A:EC:84:96:00
ValiditySun, 08 Sep 2024 03:19:22 GMT - Sat, 07 Dec 2024 03:19:21 GMT

File type

Size
699 kB (699418 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dum/FEzpd.GIl/t/P/3vp/v-bqmpV/JcZCDn0e1YNNT_IG5/N_TVAPwPLYTvUe1JM/j/kw1GMoD/Eo HTTP/1.1
Host: acceptablereality.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://digitalhub.odoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: application/javascript
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

cdn.diclotrans.com/sdk/v1/34040/bfe500600de169b99e894a281262a95f03f8c19c/lib.js

188.114.97.1

200 OK

17 kB

URL GET HTTP/2
cdn.diclotrans.com/sdk/v1/34040/bfe500600de169b99e894a281262a95f03f8c19c/lib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JavaScript source, ASCII text, with very long lines (5983)
Size
17 kB (17258 bytes)
Hash
eed43e71198db633b64d588957297f3b
adc05dce66c0da614a0945029f2f386f3167fc8c
8d7ffe5cbaab4bc11f899c48a778044daf402f321256251720d846f19e556853

HTTP Headers

GET /sdk/v1/34040/bfe500600de169b99e894a281262a95f03f8c19c/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: text/javascript
content-length: 3268
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 3431
last-modified: Tue, 08 Oct 2024 17:10:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2AcxIt4zqVy0kWUZibpRLScWTkHlXRcG2jOx4vBdBUok4G4BvUsM7AfPgjUraMNk50HpbZsDS75p1NlsMZmzzzgSM%2FEdRlMPHD1cUDdVKas8SXy9gv43324q5FBjpZ03bXlif8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d7c86bb50c-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-ZEXPE0N80E&l=dataLayer&cx=c

142.250.74.168

200 OK

272 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-ZEXPE0N80E&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ayelads.com/display/items.php?ad=3bLasn8&s=0&h=728x90
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintE3:7D:50:8B:BE:35:97:51:F4:08:B4:CE:AE:10:BB:FB:4B:55:A1:28
ValidityMon, 16 Sep 2024 08:55:43 GMT - Mon, 09 Dec 2024 08:55:42 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
272 kB (271925 bytes)
Hash
c485df5a12fb7addef26a2fcde619c80
0c1b1286a5f73ee7b935f1def338d3c18bf714f6
bd3bb421d706c33c2fe0d41e3bd86bc55027a1e05ee42310cca04ca458f389cc

HTTP Headers

GET /gtag/js?id=G-ZEXPE0N80E&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ayelads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Oct 2024 18:08:03 GMT
expires: Tue, 08 Oct 2024 18:08:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 94958
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

e-earnings.odoo.com/web/assets/1/5bc36e7/web.assets_frontend.min.css

34.93.11.120

200 OK

678 kB

URL GET HTTP/2
e-earnings.odoo.com/web/assets/1/5bc36e7/web.assets_frontend.min.css
IP
34.93.11.120:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerLet's Encrypt
Subject*.odoo.com
Fingerprint2F:01:6E:F5:72:CD:8F:83:D2:2D:FB:F9:AC:76:9E:90:1E:87:EF:B1
ValidityWed, 07 Aug 2024 03:26:24 GMT - Tue, 05 Nov 2024 03:26:23 GMT

File type

Size
678 kB (677943 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/assets/1/5bc36e7/web.assets_frontend.min.css HTTP/1.1
Host: e-earnings.odoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://e-earnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:07:59 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 02 Oct 2024 14:48:00 GMT
content-disposition: inline; filename=web.assets_frontend.min.css
cache-control: public, max-age=31536000, immutable
expires: Wed, 08 Oct 2025 18:07:59 GMT
set-cookie: session_id=UL4CDW9KbNbHGQogYehHh21wnsZh9Tbm2tXJpoekZmvRIjatGR3CU5v1zt4BDMozT25S2VXtE6AirOrhwcQj; Expires=Wed, 08 Oct 2025 18:07:59 GMT; Max-Age=604800; HttpOnly; Path=/; Secure; SameSite=Lax
etag: W/"66fd5d20-a5837"
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

ad.a-ads.com/2355869?size=320x100

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2355869?size=320x100
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://coinads.online/allads.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13171 bytes)
Hash
193ddbec0e1a5e870927234dff9c4f96
ec7ce808b20e95468717fc0396ab84d7a38445dc
ec7292a4c743090043309cbc7330ab74e2418aedeea28828133cb1d17b3b8ce9

HTTP Headers

GET /2355869?size=320x100 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://coinads.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

lokilokitwo.de:10006/

89.58.15.35

101 Switching Protocols

0 B

URL GET HTTP/1.1
lokilokitwo.de:10006/
IP
89.58.15.35:10006
ASN
#197540 netcup GmbH

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerZeroSSL
Subjectlokilokione.de
FingerprintEE:4D:46:3E:64:2D:22:46:2C:6C:AF:97:36:A7:62:69:D4:75:65:AC
ValidityFri, 04 Oct 2024 00:00:00 GMT - Thu, 02 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: lokilokitwo.de:10006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://digitalhub.odoo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ij42eezrhjzjEltGsmNMbA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: DxiIAfrUAV17yLnHJbvEpsfR3Fg=

ad.a-ads.com/2353305?size=320x50

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2353305?size=320x50
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13159 bytes)
Hash
af9389c5d98d85453147dd6d8fdd722f
4f19af9b5d8073582cbfdec26b53d171c58fc4f4
c1be02ee33c3d6f5ba5848fe956b4fb1d36739158cc50d176e2168a095e6cabb

HTTP Headers

GET /2353305?size=320x50 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

dgbmining.online/dgb.php

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/2
dgbmining.online/dgb.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dgbmining.online/bits-ads.php?type=0&&ids=51
Certificate
IssuerGoogle Trust Services
Subjectdgbmining.online
Fingerprint60:72:17:0F:BF:39:FC:11:51:A3:92:A0:11:50:A7:EF:F7:8B:AA:4A
ValidityTue, 01 Oct 2024 05:54:34 GMT - Mon, 30 Dec 2024 05:54:33 GMT

File type
HTML document, ASCII text, with very long lines (1818), with no line terminators
Size
1.8 kB (1756 bytes)
Hash
5866a560754dfdd8a0ed3bf63c425d7f
b703289ac9a16f2cab0a7930e3fc14f50a90c89c
18344f1a74d7ab4b55e4b76e849164430b6aaad1c54f4b7d583c768f1a40f72a

HTTP Headers

GET /dgb.php HTTP/1.1
Host: dgbmining.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/bits-ads.php?type=0&&ids=51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:08:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RaTOy1%2BI6xsu0e5vcOga%2Fp3hguL2OZuDJKtEDb8dF07udbl1wQhELbfrJEGNZ8UPE3nrvYoLCrc%2BkOygtVZhEkY5YjhEjj4AEi9n01%2F45YhDvdrDGmw7MukSv%2BRdD8Kp5nx9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812e91ab6b503-OSL
content-encoding: br
X-Firefox-Spdy: h2

ad.a-ads.com/2355869?size=320x100

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2355869?size=320x100
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13159 bytes)
Hash
b0848ffa7431d1d9fa45eff734573f77
6974b9c0f522514cb92f66f8acd2b81031de1873
875b920206862fe3ed99add5455e23441812f15a8c59ab0dc70ee919ca78d4ca

HTTP Headers

GET /2355869?size=320x100 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

lokilokitwo.de:10006/

89.58.15.35

101 Switching Protocols

0 B

URL GET HTTP/1.1
lokilokitwo.de:10006/
IP
89.58.15.35:10006
ASN
#197540 netcup GmbH

Requested by
https://e-earnings.odoo.com/
Certificate
IssuerZeroSSL
Subjectlokilokione.de
FingerprintEE:4D:46:3E:64:2D:22:46:2C:6C:AF:97:36:A7:62:69:D4:75:65:AC
ValidityFri, 04 Oct 2024 00:00:00 GMT - Thu, 02 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: lokilokitwo.de:10006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://e-earnings.odoo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f8l2ZZfFGNQFuqAbVUajMw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: RxNSthVna2FWIX86m9nONU4Db4o=

apps-gb1.adsgravity.io/base/v1/ad-request

0.0.0.0

0 B

URL OPTIONS
apps-gb1.adsgravity.io/base/v1/ad-request
IP
0.0.0.0:0
ASN
#0

Requested by
https://dgbmining.online/dgb.php

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /base/v1/ad-request HTTP/1.1
Host: apps-gb1.adsgravity.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dgbmining.online/
Origin: https://dgbmining.online
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

late-anxiety.com/aTWX5Dw/Y.WydmlhQ/2b9ykvZFTW9b6-bw2S5TlUS/WlQQ9aNtTMUzyrOWTKQf5aO/CB0/1ONzTkI/5WNwDzkW5V

88.85.69.211

200 OK

1.7 kB

URL GET HTTP/2
late-anxiety.com/aTWX5Dw/Y.WydmlhQ/2b9ykvZFTW9b6-bw2S5TlUS/WlQQ9aNtTMUzyrOWTKQf5aO/CB0/1ONzTkI/5WNwDzkW5V
IP
88.85.69.211:443
ASN
#35415 Webzilla B.V.

Requested by
https://digitalhub.odoo.com/
Certificate
IssuerLet's Encrypt
Subjectlate-anxiety.com
Fingerprint90:89:AB:BE:EF:D3:BA:82:DF:30:DE:3D:32:C9:FF:E0:55:E8:C0:43
ValiditySun, 22 Sep 2024 01:49:58 GMT - Sat, 21 Dec 2024 01:49:57 GMT

File type
JavaScript source, ASCII text, with very long lines (1770), with no line terminators
Size
1.7 kB (1711 bytes)
Hash
6e25b39566606a8aa029dfb6e8cf7012
46783bf435efbbf9c83bbda57580b3d0d6b91290
c99ea1ef3a7aed60152d83500d10afa32dfe4e97a8ab6322adc3e0c2fd413537

HTTP Headers

GET /aTWX5Dw/Y.WydmlhQ/2b9ykvZFTW9b6-bw2S5TlUS/WlQQ9aNtTMUzyrOWTKQf5aO/CB0/1ONzTkI/5WNwDzkW5V HTTP/1.1
Host: late-anxiety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://digitalhub.odoo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:00 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

cdn.diclotrans.com/sdk/v1/33992/40152f9ed9185918187b08d034756019fef063c2/lib.js

188.114.97.1

200 OK

18 kB

URL GET HTTP/2
cdn.diclotrans.com/sdk/v1/33992/40152f9ed9185918187b08d034756019fef063c2/lib.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerGoogle Trust Services
Subjectdiclotrans.com
FingerprintD6:F5:96:1E:96:63:5E:E6:C6:D6:69:C0:3E:D8:AC:90:FA:AD:D2:C2
ValidityWed, 28 Aug 2024 06:31:31 GMT - Tue, 26 Nov 2024 06:31:30 GMT

File type
JavaScript source, ASCII text, with very long lines (5987)
Size
18 kB (17490 bytes)
Hash
5d485a6e6e5eeb1d672021db104e2843
fcd6a73ec7dee777d01b3cf454e8d8c58a6e98d2
b0a8c299daa1c69de98c5a0869527428ad87deb6d994440b70f8d9a7545e6cf4

HTTP Headers

GET /sdk/v1/33992/40152f9ed9185918187b08d034756019fef063c2/lib.js HTTP/1.1
Host: cdn.diclotrans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teleearnings.odoo.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 08 Oct 2024 18:07:58 GMT
content-type: text/javascript
content-length: 4652
cache-control: public, max-age=14400, s-maxage=3600, proxy-revalidate
referrer-policy: origin
vary: accept-encoding
content-encoding: gzip
cf-cache-status: HIT
age: 3431
last-modified: Tue, 08 Oct 2024 17:10:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zlo0WDwfkNAdz33rVty8sSyXKptYULlk4j%2FvE9o4bw68MLNLoLAoDDcFt9cfol6QaIZ47AKokdhVlvIapdqmLZtgKvNaJeTHqpZD5UXVAkD1wW5%2BUkhJrQkG93fKx673Tzr%2FseY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cf812d8498eb50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ad.a-ads.com/2315078?size=468x60

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2315078?size=468x60
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://dgbmining.online/dgb.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13168 bytes)
Hash
206f52e8b150838b7e1bb5f9f2c35a03
85f2768f87209e38189d9941c538de7cd663803f
5ce797ae81a968cf9f5729078c882d18f10170ecff5cdadc09b7aa3fd84ddcf0

HTTP Headers

GET /2315078?size=468x60 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dgbmining.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dgbmining.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

142.250.147.191

200 OK

5.4 kB

URL GET HTTP/3
draft.blogger.com/navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__
IP
142.250.147.191:443
ASN
#15169 GOOGLE

Requested by
https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html
Certificate
IssuerGoogle Trust Services
Subject*.blogger.com
FingerprintB5:C7:B1:4B:12:30:E3:EA:FD:99:D7:92:8F:FE:C7:23:6C:48:6B:B0
ValidityMon, 16 Sep 2024 08:54:41 GMT - Mon, 09 Dec 2024 08:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5533), with no line terminators
Size
5.4 kB (5359 bytes)
Hash
e24b2aba48ff59059fbe81707f488595
07ab7a1b389ce0300fe8faef3631733b57bc563f
1253c51534b8b64ba7b6f6e71223ef2f3e1792f1a7edaa0d9526fef62fbdc2f9

HTTP Headers

GET /navbar.g?targetBlogID=3405693820859981231&blogName=sofiahalbof+anime+world+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://sofiahalbofanimeworld.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://sofiahalbofanimeworld.blogspot.com/&targetPostID=1705863557195155936&blogPostOrPageUrl=https://sofiahalbofanimeworld.blogspot.com/2021/06/httpsnftgoddess.html&vt=4917251362165280488&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.3visMJpiQIc.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo99Jaq3x9bYTscBipFXsayIS-abwA%2Fm%3D__features__ HTTP/1.1
Host: draft.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sofiahalbofanimeworld.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 08 Oct 2024 18:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2237
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lokilokitwo.de:10006/

89.58.14.251

101 Switching Protocols

0 B

URL GET HTTP/1.1
lokilokitwo.de:10006/
IP
89.58.14.251:10006
ASN
#197540 netcup GmbH

Requested by
https://teleearnings.odoo.com/
Certificate
IssuerZeroSSL
Subjectlokilokione.de
FingerprintEE:4D:46:3E:64:2D:22:46:2C:6C:AF:97:36:A7:62:69:D4:75:65:AC
ValidityFri, 04 Oct 2024 00:00:00 GMT - Thu, 02 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: lokilokitwo.de:10006
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://teleearnings.odoo.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JZHITGTHl6ofJZ1FLROdYw==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: PF68jXOX8/DAibZtX/x0kPKQNEI=

coinads.online/allads.php

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
coinads.online/allads.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM
Certificate
IssuerGoogle Trust Services
Subjectcoinads.online
Fingerprint11:13:F0:F2:5C:5B:54:CD:B8:BD:F8:62:78:1B:67:36:D2:24:26:9C
ValiditySun, 15 Sep 2024 21:31:07 GMT - Sat, 14 Dec 2024 21:31:06 GMT

File type
HTML document, ASCII text, with very long lines (1825), with no line terminators
Size
1.8 kB (1760 bytes)
Hash
72e7dab91ae453fbb35e844503edd21b
c9467b61b2a5aa4a5ab98d8c33753e7daa9cca27
d1c655d2986e3a39b1ece5acd44b582ffdab2f31840c4286d9e80b3df94cd1be

HTTP Headers

GET /allads.php HTTP/1.1
Host: coinads.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/bits-ads.php?type=3&ids=232&codeversion=azedkozkaodkaozd@ZOzeza5e65arptprtzokozkropazklekKEOKz%C3%A9)%C3%A9%C3%A0oerle&codeshow=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTcyODQxMDg4MSwiZXhwIjoxNzI4NDExMDAxfQ.kaaSXSPoMLbMtUpAtHrygXpEbd3LaeT75JEDQo7FpaM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 08 Oct 2024 18:08:04 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOhKwUir3bwZMbCTk6cE19dOUwCDQdhmvMRAMa9CeF40OhlLGGKqLU%2B2bU0hJNoVc1t%2BZ8tiRgMghyxrglVajipcK55NPblmlN%2F36ikjSmkHMDM%2Bu7c1giyUwl5wv0fE7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cf812f908db56b9-OSL
content-encoding: br

ad.a-ads.com/2353305?size=320x50

116.202.214.170

200 OK

13 kB

URL GET HTTP/2
ad.a-ads.com/2353305?size=320x50
IP
116.202.214.170:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://coinads.online/allads.php
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
FingerprintC4:DC:49:DF:0A:63:5A:A6:E4:00:AB:0B:FD:E4:94:92:A8:77:B7:C6
ValidityWed, 27 Dec 2023 00:00:00 GMT - Sun, 26 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11039)
Size
13 kB (13159 bytes)
Hash
af9389c5d98d85453147dd6d8fdd722f
4f19af9b5d8073582cbfdec26b53d171c58fc4f4
c1be02ee33c3d6f5ba5848fe956b4fb1d36739158cc50d176e2168a095e6cabb

HTTP Headers

GET /2353305?size=320x50 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://coinads.online/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 08 Oct 2024 18:08:05 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://coinads.online/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (127)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash