c1.stylezip.info/?step_id=1&installer_id=11175216068295841919&publisher_id=930&source_id=0&page_id=0&country_code=US&locale=EN&browser_id=4&download_id=17924437041932114061&external_id=0&session_id=6906935926018149230&hardware_id=12645875702741352316&product_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video).mp3&filesize=5649KB&product_title=Audio+Downloader&installer_file_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video)&product_file_name=v930.mp3&product_download_url=http://www.youtubetomp3.com/load/YouTube/aJxrX42WcjQ/da3eec335cdcdf5838dab18ee2abaef2/&uuid=*&reffer=http://www.youtubetomp3.com
54.67.42.145301 Moved Permanently 0 B URL User Request GET HTTP/1.1 c1.stylezip.info/?step_id=1&installer_id=11175216068295841919&publisher_id=930&source_id=0&page_id=0&country_code=US&locale=EN&browser_id=4&download_id=17924437041932114061&external_id=0&session_id=6906935926018149230&hardware_id=12645875702741352316&product_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video).mp3&filesize=5649KB&product_title=Audio+Downloader&installer_file_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video)&product_file_name=v930.mp3&product_download_url=http://www.youtubetomp3.com/load/YouTube/aJxrX42WcjQ/da3eec335cdcdf5838dab18ee2abaef2/&uuid=*&reffer=http://www.youtubetomp3.com
IP 54.67.42.145:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon
GET /?step_id=1&installer_id=11175216068295841919&publisher_id=930&source_id=0&page_id=0&country_code=US&locale=EN&browser_id=4&download_id=17924437041932114061&external_id=0&session_id=6906935926018149230&hardware_id=12645875702741352316&product_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video).mp3&filesize=5649KB&product_title=Audio+Downloader&installer_file_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video)&product_file_name=v930.mp3&product_download_url=http://www.youtubetomp3.com/load/YouTube/aJxrX42WcjQ/da3eec335cdcdf5838dab18ee2abaef2/&uuid=*&reffer=http://www.youtubetomp3.com HTTP/1.1
Host: c1.stylezip.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Jun 2023 2:40:56 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: http://june26.com/
23.229.130.141200 OK 11 kB URL User Request GET HTTP/2 IP 23.229.130.141:443
ASN #398101 GO-DADDY-COM-LLC
Certificate IssuerGoDaddy.com, Inc.
Subjectjune26.com
FingerprintF4:E6:CC:3E:5E:9A:0B:96:76:9D:33:19:DF:EB:1D:B5:10:9D:7C:53
ValidityThu, 08 Dec 2022 11:10:35 GMT - Tue, 09 Jan 2024 11:10:35 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4826), with CRLF line terminators
Hash f2b28b165747468c88ef4e1df60a6601
0515cb22048f232872251630c28b97bcb4f18dda
be70bd6ea6c6c0779570a02324dc1fb8847a6202faf35efb9a189ef2f19138c4
GET / HTTP/1.1
Host: june26.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-encoding: br
last-modified: Sun, 21 Feb 2021 16:22:31 GMT
accept-ranges: bytes
etag: "b21819c16d8d71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Fri, 02 Jun 2023 02:40:59 GMT
content-length: 11068
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 74549165767c62b1c25b2b655d9a876a
85535133f025ffb3850f614e90205eae4840b34e
e2ad113e81a0d7694162d9109abe7ab86413fd88f33360a588c892376588377f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:40:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img2.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL GET HTTP/2 img2.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: img2.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 01:50:49 GMT
expires: Fri, 09 Jun 2023 01:50:49 GMT
cache-control: public, max-age=604800
last-modified: Wed, 31 May 2023 19:54:39 GMT
content-type: image/gif
age: 3011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/103638431-widget_css_bundle.css
216.58.207.233200 OK 6.3 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/103638431-widget_css_bundle.css
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type ASCII text, with very long lines (29595), with no line terminators
Hash 7cbcd1e6831c00789294150206acdf29
66ae3063cf9cb3af1659a9cbb9b6a5bb64ddd899
ba3df0b498ff7a6e19035a21d1013ae1de0ed39dfa5809ddd9dec6fc43f08d67
GET /static/v1/widgets/103638431-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 04:14:06 GMT
expires: Fri, 31 May 2024 04:14:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Sep 2013 04:41:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 80814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img1.blogblog.com/img/icon18_wrench_allbkg.png
216.58.207.233200 OK 475 B URL GET HTTP/2 img1.blogblog.com/img/icon18_wrench_allbkg.png
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Hash f617effe6d96c15acfea8b2e8aae551f
6d676af11ad2e84b620cce4d5992b657cb2d8ab6
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
GET /img/icon18_wrench_allbkg.png HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 23:18:04 GMT
expires: Tue, 06 Jun 2023 23:18:04 GMT
cache-control: public, max-age=604800
last-modified: Tue, 30 May 2023 19:55:37 GMT
content-type: image/png
age: 184976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
216.58.211.14200 OK 22 kB URL GET HTTP/2 apis.google.com/js/plusone.js
IP 216.58.211.14:443
Certificate IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint4F:FF:C8:C8:21:72:D7:61:54:72:75:EA:84:95:AD:F2:71:2F:C6:33
ValidityMon, 08 May 2023 08:25:22 GMT - Mon, 31 Jul 2023 08:25:21 GMT
File type ASCII text, with very long lines (1576)
Hash 0cb9bb0589c1b8bba79f8920f432492d
d1460e2be4e185ee60a50e59150632afdbed0775
e61bc2a62646eca4b91ae5d9d9c334b3b8a140a4c54804b0a39ceb3e34aaa56e
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 22282
date: Fri, 02 Jun 2023 02:41:00 GMT
expires: Fri, 02 Jun 2023 02:41:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4af61c9c02ca9038"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3274410642-widgets.js
216.58.207.233200 OK 35 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/3274410642-widgets.js
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type HTML document, ASCII text, with very long lines (2816)
Hash 6980721bf1405073aa8869ee79864a07
44d0d7ae9a1397759e208b6e1521f75214cff113
8da16463a0ca9e380ff5e0f106b42745ddcca2845107ba39af8b4703d5837e76
GET /static/v1/widgets/3274410642-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 34923
date: Fri, 02 Jun 2023 02:41:00 GMT
expires: Sat, 01 Jun 2024 02:41:00 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Sep 2013 06:51:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 7e9d63d81a25205bd12ab8b258a264e6
2dfa41d339fd897120f53297f4e0f9fa20c117c1
768ca6e8ca2f678019baeaca289964229311ea185556db48650c297dbe996136
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 92ed3dbde061c75a8ed7ee64ca6e8685
2bc2d8a9e313286d955e15e98a2cd2bf5e2ae243
32e257639654eba5f358ba0f52caf60af79bf41e1b18c2320816bdf8f7c60f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:41:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed
216.58.207.233200 OK 21 B URL GET HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=4136017846432716564&zx=e4e8b99f-b7ca-417e-9823-e29adc7fefed HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Jun 2023 02:41:00 GMT
last-modified: Fri, 02 Jun 2023 02:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
216.58.211.14200 OK 22 kB URL GET HTTP/2 apis.google.com/js/plusone.js
IP 216.58.211.14:443
Certificate IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint4F:FF:C8:C8:21:72:D7:61:54:72:75:EA:84:95:AD:F2:71:2F:C6:33
ValidityMon, 08 May 2023 08:25:22 GMT - Mon, 31 Jul 2023 08:25:21 GMT
File type ASCII text, with very long lines (1576)
Hash 0cb9bb0589c1b8bba79f8920f432492d
d1460e2be4e185ee60a50e59150632afdbed0775
e61bc2a62646eca4b91ae5d9d9c334b3b8a140a4c54804b0a39ceb3e34aaa56e
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 22282
date: Fri, 02 Jun 2023 02:41:00 GMT
expires: Fri, 02 Jun 2023 02:41:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4af61c9c02ca9038"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/img/logo-16.png
216.58.207.233200 OK 279 B URL GET HTTP/3 www.blogger.com/img/logo-16.png
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 20:19:36 GMT
expires: Thu, 08 Jun 2023 20:19:36 GMT
cache-control: public, max-age=604800
last-modified: Thu, 01 Jun 2023 10:52:55 GMT
content-type: image/png
age: 22884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_1?le=scs
216.58.211.14200 OK 17 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_1?le=scs
IP 216.58.211.14:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (3295)
Hash 1ffa900ec432a4da997110ecc3463178
4a1f2b8311462cf5e38fb9e837a67be5da46148a
02890512be087195cf98f9d6d6f583cea4c06bf66f97a7652a76d1039dfcd7b0
GET /_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 17107
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 15:14:16 GMT
expires: Fri, 31 May 2024 15:14:16 GMT
cache-control: public, max-age=31536000
age: 41204
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_0?le=scs
216.58.211.14200 OK 54 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_0?le=scs
IP 216.58.211.14:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (1518)
Hash a8a392dbe0c850380179116c15232558
d77274c58d3c3a0f26c76728e0d8bbee388fc475
7b8961d61d85ff799f19ba0572c8e8e46c0a182886df8d8f57d5bb59345e1145
GET /_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 53464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:19:58 GMT
expires: Wed, 29 May 2024 17:19:58 GMT
cache-control: public, max-age=31536000
age: 206462
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__
216.58.207.233 2.6 kB URL www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__
IP 216.58.207.233:0
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash b878e629544957a9d25980a5cda6e877
2ad8642729b43d7b91424498454b6895df65d625
579f23c12e0c6e21d16b9dbd167d8106d818ae55c8e422f2086bee6c8c9be8b3
GET /navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Jun 2023 02:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2567
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/js/platform:gapi.iframes.style.common.js
216.58.211.14200 OK 22 kB URL GET HTTP/3 apis.google.com/js/platform:gapi.iframes.style.common.js
IP 216.58.211.14:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__#rpctoken=113555315&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (1576)
Hash d17bc740f03b4aa69fb9a9339d903c58
70bf00a7c92a5559cc809e6a9d170d34db5ca9b7
8bcb3049771e333c4b5b58c79a4305c610762168e187ff252c5a0c9c48e72b4d
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 22292
date: Fri, 02 Jun 2023 02:41:01 GMT
expires: Fri, 02 Jun 2023 02:41:01 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9e460f9fe6c64f9e"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/icons_orange.png
216.58.207.233200 OK 915 B URL GET HTTP/3 resources.blogblog.com/img/navbar/icons_orange.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__#rpctoken=113555315&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 46 x 20, 8-bit colormap, non-interlaced\012- data
Hash 87f25844d23ac1ee03604e668f5c1797
85d440947d70a78672740ff7e8062f68ce9d99a3
d70c36f2f61b735573caa3dd5a1602e19916701bb88d99ff4527cd2c89fa8b72
GET /img/navbar/icons_orange.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 12:07:37 GMT
expires: Thu, 08 Jun 2023 12:07:37 GMT
cache-control: public, max-age=604800
last-modified: Wed, 31 May 2023 19:54:39 GMT
content-type: image/png
age: 52404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
resources.blogblog.com/img/navbar/arrows-blue.png
216.58.207.233200 OK 104 B URL GET HTTP/3 resources.blogblog.com/img/navbar/arrows-blue.png
IP 216.58.207.233:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__#rpctoken=113555315&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type PNG image data, 19 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 38c95719e05f4184a301768d8de91e09
d0ed1147d46f2cf592584239a5a101d6f2abb588
259ece79a45ad7ecbcf6fb0669de61aa6a01ebedaba47a7e88283435e0e6b1be
GET /img/navbar/arrows-blue.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 21:43:03 GMT
expires: Thu, 08 Jun 2023 21:43:03 GMT
cache-control: public, max-age=604800
last-modified: Wed, 31 May 2023 19:54:39 GMT
content-type: image/png
age: 17878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_0?le=scs
216.58.211.14200 OK 46 kB URL GET HTTP/3 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_0?le=scs
IP 216.58.211.14:443
Requested by https://www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__#rpctoken=113555315&_methods=_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart&id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fjune26.com&pfname=
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with very long lines (1518)
Hash af5451be87c3fed1eebf7180794e439f
00dd2f3a77c890d660d85e3228c16292d18f52e5
8c846694312e4e242cf688b74ac5d88d1147daf9085002d18f9ca8befb642efb
GET /_/scs/abc-static/_/js/k=gapi.lb.en.wW0KrNepdTU.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 22:54:13 GMT
expires: Wed, 29 May 2024 22:54:13 GMT
cache-control: public, max-age=31536000
age: 186408
last-modified: Fri, 28 Apr 2023 16:21:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c1.stylezip.info/?step_id=1&installer_id=11175216068295841919&publisher_id=930&source_id=0&page_id=0&country_code=US&locale=EN&browser_id=4&download_id=17924437041932114061&external_id=0&session_id=6906935926018149230&hardware_id=12645875702741352316&product_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video).mp3&filesize=5649KB&product_title=Audio+Downloader&installer_file_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video)&product_file_name=v930.mp3&product_download_url=http://www.youtubetomp3.com/load/YouTube/aJxrX42WcjQ/da3eec335cdcdf5838dab18ee2abaef2/&uuid=*&reffer=http://www.youtubetomp3.com
0.0.0.0 0 B URL User Request GET c1.stylezip.info/?step_id=1&installer_id=11175216068295841919&publisher_id=930&source_id=0&page_id=0&country_code=US&locale=EN&browser_id=4&download_id=17924437041932114061&external_id=0&session_id=6906935926018149230&hardware_id=12645875702741352316&product_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video).mp3&filesize=5649KB&product_title=Audio+Downloader&installer_file_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video)&product_file_name=v930.mp3&product_download_url=http://www.youtubetomp3.com/load/YouTube/aJxrX42WcjQ/da3eec335cdcdf5838dab18ee2abaef2/&uuid=*&reffer=http://www.youtubetomp3.com
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP W32/InstallRex.Adware Initial CnC Beacon
GET /?step_id=1&installer_id=11175216068295841919&publisher_id=930&source_id=0&page_id=0&country_code=US&locale=EN&browser_id=4&download_id=17924437041932114061&external_id=0&session_id=6906935926018149230&hardware_id=12645875702741352316&product_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video).mp3&filesize=5649KB&product_title=Audio+Downloader&installer_file_name=Josh+Groban+-+You+Raise+Me+Up+(Official+Music+Video)&product_file_name=v930.mp3&product_download_url=http://www.youtubetomp3.com/load/YouTube/aJxrX42WcjQ/da3eec335cdcdf5838dab18ee2abaef2/&uuid=*&reffer=http://www.youtubetomp3.com HTTP/1.1
Host: c1.stylezip.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__
216.58.207.233200 OK 6.7 kB URL GET HTTP/3 www.blogger.com/navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__
IP 216.58.207.233:443
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintDE:92:6A:62:40:EC:E1:4D:B1:B9:E7:88:BD:44:5D:31:66:F5:37:5C
ValidityMon, 08 May 2023 08:19:48 GMT - Mon, 31 Jul 2023 08:19:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6888), with no line terminators
Hash c2b5a3f3c02d8ad7a104a6b1731d1a4d
cf2def7bd8f0e7d8ef4bd4f12207bf50f9d6c80e
d106a5dda4da3ead1d9c0706f3924adfa272462daed4f2dac1fd213d3d0408cc
GET /navbar.g?targetBlogID=4136017846432716564&blogName=Hiring+Job+Tweets+www.HiringJobTweets...&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=http://www.hiringjobtweets.com/search&blogLocale=en&v=2&homepageUrl=http://www.hiringjobtweets.com/&vt=815877145527136419&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.wW0KrNepdTU.O%2Fd%3D1%2Frs%3DAHpOoo8Je2IwWe-sD_xcm5fABAaEfyuc1g%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://june26.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Jun 2023 02:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2567
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.hiringjobtweets.com/favicon.ico
0.0.0.0 0 B URL GET www.hiringjobtweets.com/favicon.ico
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.hiringjobtweets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache