ocsp.pki.goog/gts1c3
471 B IP
Hash d01fcdf9d07d46c2f636f5d4761b4216
b0b5d955d4da1ad20192a71164d982626c4e723a
77273f261fedd69a83c6bd35f063e592e1aba013c76665a376d2e82a4793e052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
organizingmadefun.blogspot.com/search/label/pet
200 OK 25 kB URL User Request GET HTTP/2 organizingmadefun.blogspot.com/search/label/pet
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1495)
Hash 7a5a7229e0d3cf38e193bc22c9aa0cc1
698293e480179df2b0290de5a9ebc747eeb27c15
ff521005e10f943b5c14093014ea72c3aa539fcdd783d3df40767601c2d6d503
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /search/label/pet HTTP/1.1
Host: organizingmadefun.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 16:35:09 GMT
date: Sat, 23 Sep 2023 16:35:09 GMT
cache-control: private, max-age=0
last-modified: Sat, 23 Sep 2023 08:14:18 GMT
etag: W/"7d56b5cae6dfeaa81026997ce817784ba4141189dbb1c0fb84d54ec92902bde0"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25339
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash d01fcdf9d07d46c2f636f5d4761b4216
b0b5d955d4da1ad20192a71164d982626c4e723a
77273f261fedd69a83c6bd35f063e592e1aba013c76665a376d2e82a4793e052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
organizingmadefun.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL GET HTTP/3 organizingmadefun.blogspot.com/js/cookienotice.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/cookienotice.js HTTP/1.1
Host: organizingmadefun.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/search/label/pet
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 23 Sep 2023 16:35:10 GMT
expires: Sat, 30 Sep 2023 16:35:10 GMT
cache-control: public, max-age=604800
last-modified: Sat, 23 Sep 2023 15:51:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
200 OK 7.8 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (35959)
Hash 1e32420a7b6ddbdcb7def8b3141c4d1e
a1be54d42ff1f95244c9653539f90318f5bc0580
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 21:47:59 GMT
expires: Tue, 17 Sep 2024 21:47:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 17:57:38 GMT
content-type: text/css
vary: Accept-Encoding
age: 413231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img1.blogblog.com/img/icon18_email.gif
200 OK 164 B URL GET HTTP/2 img1.blogblog.com/img/icon18_email.gif
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 08:49:25 GMT
expires: Mon, 25 Sep 2023 08:49:25 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 01:51:04 GMT
content-type: image/gif
age: 459945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL GET HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 21:38:36 GMT
expires: Mon, 25 Sep 2023 21:38:36 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 17:57:38 GMT
content-type: image/gif
age: 413794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 126b0a9f06e2940180b9f3d7bf846ee3
837d11e1daeabaeb84b17ab34e3668d5f654f5bd
0f4e2ec6b04e2bbfec447077213cb23fe5008094a636f4de026a9534a0edb691
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-erlOZ8sTo5Q/VIYftvEnwdI/AAAAAAAAKB4/0jhPJZWRffg/s1600/Copyright%2BLogo%2B-%2BFinal%2B-%2BCopy.png
200 OK 7.4 kB URL GET HTTP/2 4.bp.blogspot.com/-erlOZ8sTo5Q/VIYftvEnwdI/AAAAAAAAKB4/0jhPJZWRffg/s1600/Copyright%2BLogo%2B-%2BFinal%2B-%2BCopy.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 150 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash c15cf234aa4e4b001fb645a7996b103d
f0aefa54a9ed4d70b48c1101cf0d8a7c84804129
6c167ca1127a6957acf483842685665006f6676ce3a8b5083fc6591489d0bf3b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-erlOZ8sTo5Q/VIYftvEnwdI/AAAAAAAAKB4/0jhPJZWRffg/s1600/Copyright%2BLogo%2B-%2BFinal%2B-%2BCopy.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Copyright Logo - Final - Copy.png"
x-content-type-options: nosniff
server: fife
content-length: 7376
x-xss-protection: 0
date: Sat, 23 Sep 2023 16:35:10 GMT
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
etag: "v281f"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/562952797-widgets.js
200 OK 58 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/562952797-widgets.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2215)
Hash 0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c
GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:37 GMT
expires: Thu, 19 Sep 2024 02:21:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 310413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-dGCU7h6AWnc/V6j73YBqAzI/AAAAAAAAaZA/Lt9qiI_LkNYUDknMExsUSR2WeyfJs5W2gCK4B/s417/-How%2Bto%2BOrganize%2Ba%2BComplete%2BDiet%2BChange.jpg
200 OK 42 kB URL GET HTTP/2 2.bp.blogspot.com/-dGCU7h6AWnc/V6j73YBqAzI/AAAAAAAAaZA/Lt9qiI_LkNYUDknMExsUSR2WeyfJs5W2gCK4B/s417/-How%2Bto%2BOrganize%2Ba%2BComplete%2BDiet%2BChange.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 417x278, components 3\012- data
Hash 15b7249aa0a591589f15ce29def470f5
9671a458cdc3239b1429bfc10fca804a3c50e557
640c2cdba8792bdf3081ac47ba58813378d0f72a71ef24c86579518286595327
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-dGCU7h6AWnc/V6j73YBqAzI/AAAAAAAAaZA/Lt9qiI_LkNYUDknMExsUSR2WeyfJs5W2gCK4B/s417/-How%2Bto%2BOrganize%2Ba%2BComplete%2BDiet%2BChange.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6991"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="-How to Organize a Complete Diet Change.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 41943
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-e73b-jy1K5o/V6j7L5vBsjI/AAAAAAAAaYs/ba-1u0Td-HcaD33Pr3g61tEQitxLhQYwACK4B/s417/RV%2Bhack%2Bmagazine%2Bfile%2Bpaper.jpg
200 OK 50 kB URL GET HTTP/2 3.bp.blogspot.com/-e73b-jy1K5o/V6j7L5vBsjI/AAAAAAAAaYs/ba-1u0Td-HcaD33Pr3g61tEQitxLhQYwACK4B/s417/RV%2Bhack%2Bmagazine%2Bfile%2Bpaper.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 417x417, components 3\012- data
Hash 9f6e840a777d67613e76aa586fc32393
20a43227ba7726c0aab6d76c2af0398cea09a76d
60217f738fe8bf7bac70254de1c21cd8ff4ad0892b1098f6d8a8f576f7651001
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-e73b-jy1K5o/V6j7L5vBsjI/AAAAAAAAaYs/ba-1u0Td-HcaD33Pr3g61tEQitxLhQYwACK4B/s417/RV%2Bhack%2Bmagazine%2Bfile%2Bpaper.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v698e"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="RV hack magazine file paper.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 49510
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-XMDSOouBU4Q/ViMVW6eqZCI/AAAAAAAAY3w/jgm0iM4QDmE/s417/the%2Bright%2Band%2Bthe%2Bwrong%2Bway%2Bto%2Borganize.jpg.jpg
200 OK 42 kB URL GET HTTP/2 3.bp.blogspot.com/-XMDSOouBU4Q/ViMVW6eqZCI/AAAAAAAAY3w/jgm0iM4QDmE/s417/the%2Bright%2Band%2Bthe%2Bwrong%2Bway%2Bto%2Borganize.jpg.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 417x316, components 3\012- data
Hash 2635a1ea360d5fade75acbf920cb01f4
1fc1431362eb32be2d41f108c3013902db2d3e60
473473acd3c3413c10198963d04e791fc3f101564525e3ba410da61a2c83f741
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-XMDSOouBU4Q/ViMVW6eqZCI/AAAAAAAAY3w/jgm0iM4QDmE/s417/the%2Bright%2Band%2Bthe%2Bwrong%2Bway%2Bto%2Borganize.jpg.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v637d"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="the right and the wrong way to organize.jpg.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 42018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-95HG90oV6js/U36B_i8opII/AAAAAAAATAM/bLswHmYDbbU/w72-h72-p-k-no-nu/Going+Native+Drought+Tolerant+Plants.jpg
200 OK 4.9 kB URL GET HTTP/2 2.bp.blogspot.com/-95HG90oV6js/U36B_i8opII/AAAAAAAATAM/bLswHmYDbbU/w72-h72-p-k-no-nu/Going+Native+Drought+Tolerant+Plants.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 162ff10f12b012471eec2b327173c804
9b134c404c4439cc98e93bf5da112cc63645dd3b
959af9760d5336486993ed657b1f926af9f0c3a0c2bde4534fb2a3e6addbeda6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-95HG90oV6js/U36B_i8opII/AAAAAAAATAM/bLswHmYDbbU/w72-h72-p-k-no-nu/Going+Native+Drought+Tolerant+Plants.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v4c04"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Going Native Drought Tolerant Plants.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 4921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-3yTcXVdY7wU/WAVUAD7YVdI/AAAAAAAAau4/54VTcOwTkRsll7a-fhx0rF9g8zAiFwp2ACLcB/w72-h72-p-k-no-nu/How%2Bto%2BOrganize%2BCords%2BEasily%2B.jpg
200 OK 2.8 kB URL GET HTTP/2 3.bp.blogspot.com/-3yTcXVdY7wU/WAVUAD7YVdI/AAAAAAAAau4/54VTcOwTkRsll7a-fhx0rF9g8zAiFwp2ACLcB/w72-h72-p-k-no-nu/How%2Bto%2BOrganize%2BCords%2BEasily%2B.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash deea3c70c4628c32da4994f53f75b615
a04afc78d05d4dc723ed9e68ef9cdc3145b4c0cb
e7e71635d4be45a347fc0d7e48856904f6d376b87aa5cbe30e353df6668b2b87
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-3yTcXVdY7wU/WAVUAD7YVdI/AAAAAAAAau4/54VTcOwTkRsll7a-fhx0rF9g8zAiFwp2ACLcB/w72-h72-p-k-no-nu/How%2Bto%2BOrganize%2BCords%2BEasily%2B.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6aef"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to Organize Cords Easily .jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 2844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-yCzESx5iYuI/VLNl1IiT1aI/AAAAAAAAWlk/EX1eTQFN1S4/s1600/Doing%2BLaundry%2Bclean%2Band%2Bnaturally.jpg
200 OK 86 kB URL GET HTTP/2 1.bp.blogspot.com/-yCzESx5iYuI/VLNl1IiT1aI/AAAAAAAAWlk/EX1eTQFN1S4/s1600/Doing%2BLaundry%2Bclean%2Band%2Bnaturally.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 500x750, components 3\012- data
Hash 022a30787539432c6e93502b1af257ff
cea5f2bfc34dbb54299faf7d8b6846ca3a869374
64c33d1e7cc8b46880a8a5979389f18a6daf22c82c4f85e8b90d83fc1d72c3a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-yCzESx5iYuI/VLNl1IiT1aI/AAAAAAAAWlk/EX1eTQFN1S4/s1600/Doing%2BLaundry%2Bclean%2Band%2Bnaturally.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a5a"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Doing Laundry clean and naturally.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 85631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-qZnkKmV8_wE/VLM4450TsXI/AAAAAAAAWkA/Z3sRxrMxemE/s1600/Purse%2Bcontents.jpg
200 OK 232 kB URL GET HTTP/2 4.bp.blogspot.com/-qZnkKmV8_wE/VLM4450TsXI/AAAAAAAAWkA/Z3sRxrMxemE/s1600/Purse%2Bcontents.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1063, components 3\012- data
Size 232 kB (231521 bytes)
Hash 2d555310b3fc5560dfbc0558c48e4562
27c9c236020897047743c2d4cc2a4ef34af8dece
b3eb1d44d6a0066d69b8963ee54de7ac9b543e09a02bbb12e735d04fbab18a94
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-qZnkKmV8_wE/VLM4450TsXI/AAAAAAAAWkA/Z3sRxrMxemE/s1600/Purse%2Bcontents.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a41"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Purse contents.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 231521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-9NXyUib-HqQ/VDwLEdrQHPI/AAAAAAAAJDM/lWbg4aWd8xU/s1600/aboutblurb_03.png
200 OK 29 kB URL GET HTTP/2 3.bp.blogspot.com/-9NXyUib-HqQ/VDwLEdrQHPI/AAAAAAAAJDM/lWbg4aWd8xU/s1600/aboutblurb_03.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 647 x 410, 8-bit/color RGBA, non-interlaced\012- data
Hash cc3a54a84f095b574790d8b977b50d40
da23f1fe87b10f6c8ea96c5b6747584143147a79
38a0f359d52efe0356738889f0db0de58c0f8d36855035a0243b4076b8aecdad
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-9NXyUib-HqQ/VDwLEdrQHPI/AAAAAAAAJDM/lWbg4aWd8xU/s1600/aboutblurb_03.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2434"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="aboutblurb_03.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 29241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-scMm9RctaSc/VJhr4MNB40I/AAAAAAAAWTg/B7jgOz-kOzY/s1600/No%2BLink%2BBanner.png
200 OK 20 kB URL GET HTTP/2 4.bp.blogspot.com/-scMm9RctaSc/VJhr4MNB40I/AAAAAAAAWTg/B7jgOz-kOzY/s1600/No%2BLink%2BBanner.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 750 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f68408c7f80d61ff620c01bc9596e356
76501e26b74bbf5a2022042c300599f02dff11a8
924edaea2bb58f50b1609138b100bfa6d8d52cf39c56621d837dc9da640dfc0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-scMm9RctaSc/VJhr4MNB40I/AAAAAAAAWTg/B7jgOz-kOzY/s1600/No%2BLink%2BBanner.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5939"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="No Link Banner.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 19571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-fPVzBuAy16U/Um_1U3XsFyI/AAAAAAAARXI/0qGQEdHg9LE/w72-h72-p-k-no-nu/11+Ways+to+organize+with+a+carabiner.jpg
200 OK 3.0 kB URL GET HTTP/2 1.bp.blogspot.com/-fPVzBuAy16U/Um_1U3XsFyI/AAAAAAAARXI/0qGQEdHg9LE/w72-h72-p-k-no-nu/11+Ways+to+organize+with+a+carabiner.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c8b5f3296e073c7de3b2f1f23f6f2f23
293b396897aed0616118f8fc3137adf9cecd9f36
f05f6a60727eb2bc2f360626f2787b369728308244bee06a20359a848931a8ae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-fPVzBuAy16U/Um_1U3XsFyI/AAAAAAAARXI/0qGQEdHg9LE/w72-h72-p-k-no-nu/11+Ways+to+organize+with+a+carabiner.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6682"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11 Ways to organize with a carabiner.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 3045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/show_ads.js
200 OK 7.9 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/show_ads.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3722)
Hash 1e9225cb4fb78a8fb4e6cb83db330e83
eded94ea0b2267be461983025fb90bcbb13dc2e2
7423532d234631df69e9967df3ce30f5c860814d272bdb048d07ab5e1fcd2a14
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 16:35:10 GMT
expires: Sat, 23 Sep 2023 16:35:10 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6466679493332306164
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-kOOAfOxNOhQ/VIYDmf-VBXI/AAAAAAAAKAk/HV_s2YlLTVc/s1600/Popular%2BPosts.png
200 OK 3.6 kB URL GET HTTP/2 1.bp.blogspot.com/-kOOAfOxNOhQ/VIYDmf-VBXI/AAAAAAAAKAk/HV_s2YlLTVc/s1600/Popular%2BPosts.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 72596aa156a266e2fff4e5ff905b910a
8d37f4746b767646e94350bb875e908e7465fbe7
497651db9b1715e007ff31ce86ce99cdbbd684e577f6b310537812fb4669eb98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-kOOAfOxNOhQ/VIYDmf-VBXI/AAAAAAAAKAk/HV_s2YlLTVc/s1600/Popular%2BPosts.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v280d"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Popular Posts.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 3584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ZU6WG2Xjt9I/VeFJTcKwp5I/AAAAAAAAYjk/o7wOrLkHR6Q/s1600-r/home%2Boffice%2Bcords%2Bhidden%2Bwith%2Bpegboard.jpg
200 OK 277 kB URL GET HTTP/2 1.bp.blogspot.com/-ZU6WG2Xjt9I/VeFJTcKwp5I/AAAAAAAAYjk/o7wOrLkHR6Q/s1600-r/home%2Boffice%2Bcords%2Bhidden%2Bwith%2Bpegboard.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1379x1600, components 3\012- data
Size 277 kB (276937 bytes)
Hash 33e9d3b44eb2d3b3f504bae4aa7adf5c
36f2b552941916562cbf2037d2c9fa76e32dbd45
ec6dbc4eb4119dce8c6f2158c18d096f23bc15a9b509f39697b34ee034246e3b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-ZU6WG2Xjt9I/VeFJTcKwp5I/AAAAAAAAYjk/o7wOrLkHR6Q/s1600-r/home%2Boffice%2Bcords%2Bhidden%2Bwith%2Bpegboard.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v623a"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="home office cords hidden with pegboard.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 276937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash aeafca61929af48f5ce5cc58fdaaed3c
f9c7530a7c334f9199f83a568fea5392ad41c8b9
a9b7cb4305b51e6964e793e0d5fb329c39c5cb8a1f7dafcc25b0074687abe954
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-rnI2nH6ZELQ/V_Lu8F9H4zI/AAAAAAAAaos/ZR5RgZ4jGaUhxVICFH9d6g0ktBzKftXSgCLcB/s640/12%2BWays%2Bto%2BOrganize%2Bwith%2BCommand%2BHooks.jpg
200 OK 36 kB URL GET HTTP/2 4.bp.blogspot.com/-rnI2nH6ZELQ/V_Lu8F9H4zI/AAAAAAAAaos/ZR5RgZ4jGaUhxVICFH9d6g0ktBzKftXSgCLcB/s640/12%2BWays%2Bto%2BOrganize%2Bwith%2BCommand%2BHooks.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 310x400, components 3\012- data
Hash dd68dd81c6ad89911692959c83243799
17d797bbac20aac6212ea314e73d19ffa6abf79a
bfedacc2c7d5dc94a6621c4d93000572108fb58c8df34711088304b1cb074608
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-rnI2nH6ZELQ/V_Lu8F9H4zI/AAAAAAAAaos/ZR5RgZ4jGaUhxVICFH9d6g0ktBzKftXSgCLcB/s640/12%2BWays%2Bto%2BOrganize%2Bwith%2BCommand%2BHooks.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6a8c"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="12 Ways to Organize with Command Hooks.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 36406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Lx4MTr08Xsw/Vx7Y70mqPGI/AAAAAAAAZ3w/O5PeBuHDSYQOnUjxJlISMUxRyHa0sqpVQCLcB/s400/10%2BCauses%2Band%2BCures%2Bfor%2BClutter.jpg
200 OK 35 kB URL GET HTTP/2 2.bp.blogspot.com/-Lx4MTr08Xsw/Vx7Y70mqPGI/AAAAAAAAZ3w/O5PeBuHDSYQOnUjxJlISMUxRyHa0sqpVQCLcB/s400/10%2BCauses%2Band%2BCures%2Bfor%2BClutter.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x398, components 3\012- data
Hash e4bef36ebc086a2e24cbcb6fd59ddad6
2a4797999d7a9b26a19b58b0a74fcbf99bf35fbd
063e295868c7d7a40ed1a82a7f11d6e6eff70a42519453e9d25b6fdc4ac4731e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Lx4MTr08Xsw/Vx7Y70mqPGI/AAAAAAAAZ3w/O5PeBuHDSYQOnUjxJlISMUxRyHa0sqpVQCLcB/s400/10%2BCauses%2Band%2BCures%2Bfor%2BClutter.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v677d"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="10 Causes and Cures for Clutter.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 34625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-G4MejJHlCqQ/UAJS1vODFYI/AAAAAAAAEGo/GvG6xSR8wWo/w72-h72-p-k-no-nu/Patio+Cover+collage+1.jpg
200 OK 4.5 kB URL GET HTTP/2 1.bp.blogspot.com/-G4MejJHlCqQ/UAJS1vODFYI/AAAAAAAAEGo/GvG6xSR8wWo/w72-h72-p-k-no-nu/Patio+Cover+collage+1.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 50788bdd2b39707e7183e312ed5d2236
3ae6a817ef631ff370ad69c04d735ab0ba394897
22eb47ec39747e33901e32c372f59718b2c796f9dd10a6c6cf8d4ad5d4e90a4e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-G4MejJHlCqQ/UAJS1vODFYI/AAAAAAAAEGo/GvG6xSR8wWo/w72-h72-p-k-no-nu/Patio+Cover+collage+1.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5193"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Patio Cover collage 1.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 4521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-eUX0oi3dbd0/U4-w3FRwzGI/AAAAAAAATG8/qE05hVgxKLM/w72-h72-p-k-no-nu/11+Ways+to+Organize+Flip+Flops.jpg
200 OK 4.9 kB URL GET HTTP/2 3.bp.blogspot.com/-eUX0oi3dbd0/U4-w3FRwzGI/AAAAAAAATG8/qE05hVgxKLM/w72-h72-p-k-no-nu/11+Ways+to+Organize+Flip+Flops.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 25e55acc4d7d02d0fa4c3f6a1896d11a
f89982c2f1a3f35f8a8689c10d471cfc0378ea6d
232ea1dd2330f6bb681023a23bed136d576d8dc54f44a2df0b962ed3fb20378e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-eUX0oi3dbd0/U4-w3FRwzGI/AAAAAAAATG8/qE05hVgxKLM/w72-h72-p-k-no-nu/11+Ways+to+Organize+Flip+Flops.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v4caf"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11 Ways to Organize Flip Flops.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 4922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-KdpdYDhy4Fw/WBeMflY6kKI/AAAAAAAAa48/usgfy28rqoogAv7_gxnilCimxUWGZjnGACK4B/s417/how%2Bto%2Bhave%2Ba%2Bfake%2Bimmaculate%2Bhouse%2BFB%2Bsquare%2B860.jpg
200 OK 33 kB URL GET HTTP/2 2.bp.blogspot.com/-KdpdYDhy4Fw/WBeMflY6kKI/AAAAAAAAa48/usgfy28rqoogAv7_gxnilCimxUWGZjnGACK4B/s417/how%2Bto%2Bhave%2Ba%2Bfake%2Bimmaculate%2Bhouse%2BFB%2Bsquare%2B860.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 417x417, components 3\012- data
Hash 4f639d4ca6f046928c02e449e24bab21
4ecbbe49e5807cd2a90f8d1e4f579bb0740a1387
ed0cd493a51435aaba5c6df4d1b29f1c9ea2603bbd069306f0add087b07481de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-KdpdYDhy4Fw/WBeMflY6kKI/AAAAAAAAa48/usgfy28rqoogAv7_gxnilCimxUWGZjnGACK4B/s417/how%2Bto%2Bhave%2Ba%2Bfake%2Bimmaculate%2Bhouse%2BFB%2Bsquare%2B860.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6b90"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="how to have a fake immaculate house FB square 860.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 33333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-5SChGgIvVmA/UoJ0nvGYRiI/AAAAAAAARi0/4-lhP_HPkZA/w72-h72-p-k-no-nu/11+Ways+to+Organize+Purses.jpg
200 OK 4.1 kB URL GET HTTP/2 4.bp.blogspot.com/-5SChGgIvVmA/UoJ0nvGYRiI/AAAAAAAARi0/4-lhP_HPkZA/w72-h72-p-k-no-nu/11+Ways+to+Organize+Purses.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d4e9cf8fc74e53a8c1d1eba780cf9f41
39c43e2c8a1460d92bb12a9e6a851c01700d3d23
bef856cdc0ade5b5b342b834afb5ae91359297bb10e411e249c37ea3502ecac5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-5SChGgIvVmA/UoJ0nvGYRiI/AAAAAAAARi0/4-lhP_HPkZA/w72-h72-p-k-no-nu/11+Ways+to+Organize+Purses.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v761e"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11 Ways to Organize Purses.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 4097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a92bb4fa44dc5e89db73ebc0e40801f9
7f0416f383c857c48006658e927f4de597472863
e511500b4244c44623b4953f149d51e0ca0ab43098038aceaea5f9ce0740c3b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-LGe9ab2ymgM/VWYoRdNZ9yI/AAAAAAAAX0k/9IufRw6N9Do/s1600/how%2Bto%2Bhave%2Ba%2Bfake%2Bimmaculate%2Bhome.jpg
200 OK 79 kB URL GET HTTP/2 3.bp.blogspot.com/-LGe9ab2ymgM/VWYoRdNZ9yI/AAAAAAAAX0k/9IufRw6N9Do/s1600/how%2Bto%2Bhave%2Ba%2Bfake%2Bimmaculate%2Bhome.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1024x1024, components 3\012- data
Hash cb12e76db499113e0832c73188229a8e
853e0d40bb4dcd74ad23c95d01ecbe1f2b364e57
0b7a649a264f8603f425d5431090f7d61290badb4e0e07fcdcfac144736e67e2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-LGe9ab2ymgM/VWYoRdNZ9yI/AAAAAAAAX0k/9IufRw6N9Do/s1600/how%2Bto%2Bhave%2Ba%2Bfake%2Bimmaculate%2Bhome.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5f4a"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="how to have a fake immaculate home.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 78557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-JSxhgVAF44A/WHUxzRvSPXI/AAAAAAAAbIw/97VtnHK-pPgoV4C1WfGvS-8aUAuUD1PggCK4B/s417/Weightloss%2Bjourney.jpg
200 OK 53 kB URL GET HTTP/2 3.bp.blogspot.com/-JSxhgVAF44A/WHUxzRvSPXI/AAAAAAAAbIw/97VtnHK-pPgoV4C1WfGvS-8aUAuUD1PggCK4B/s417/Weightloss%2Bjourney.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 417x306, components 3\012- data
Hash 261e3855af1cc0b973ce3b3d6b3b6470
544ae870081b2848b9f689efe9a182f9901553fc
1a55a2a086546a18c6f7428433481126265ae5f62035d8d5d0f469e2be36e9c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-JSxhgVAF44A/WHUxzRvSPXI/AAAAAAAAbIw/97VtnHK-pPgoV4C1WfGvS-8aUAuUD1PggCK4B/s417/Weightloss%2Bjourney.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6c8f"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Weightloss journey.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 53139
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-J9szN6qZRu8/VIYEa8tBw1I/AAAAAAAAKBA/bQvOO0r_sw0/s1600/Button2.png
200 OK 11 kB URL GET HTTP/2 2.bp.blogspot.com/-J9szN6qZRu8/VIYEa8tBw1I/AAAAAAAAKBA/bQvOO0r_sw0/s1600/Button2.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 165bf4f60c029c6e47a91fe0a70f52c6
6407340507cfbb8f06d44daa9d90aa0851b87ece
e96c173c7caa7a0c181a7e5f0eb508b8de944834216bd14f1e038b630f0c9627
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-J9szN6qZRu8/VIYEa8tBw1I/AAAAAAAAKBA/bQvOO0r_sw0/s1600/Button2.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2811"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Button2.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 11341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-fMmbXUP6Hk0/VDwL-8vXIyI/AAAAAAAAJDU/sQ4uicN1pLY/s1600/Dividerline.png
200 OK 319 B URL GET HTTP/2 1.bp.blogspot.com/-fMmbXUP6Hk0/VDwL-8vXIyI/AAAAAAAAJDU/sQ4uicN1pLY/s1600/Dividerline.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 1050 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 0bfaa4fc35f5dda6f32eb8142c110d90
6a5861c042f0423894ec7d6300b4ede67bc33641
0bb83307777a1c5fac3f141852930868c0aee5bba46b15a1d66b452e061b9b0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-fMmbXUP6Hk0/VDwL-8vXIyI/AAAAAAAAJDU/sQ4uicN1pLY/s1600/Dividerline.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2436"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Dividerline.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 319
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/--V3AnCj5oe8/Ud7xvFD-FcI/AAAAAAAAPuk/kI1c2QyWlyA/w72-h72-p-k-no-nu/under+stairs+collage.jpg
200 OK 4.5 kB URL GET HTTP/2 3.bp.blogspot.com/--V3AnCj5oe8/Ud7xvFD-FcI/AAAAAAAAPuk/kI1c2QyWlyA/w72-h72-p-k-no-nu/under+stairs+collage.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 8f32369d8350b14a51c5b1f4f5fcf5ce
6bf62fc6a9777f017812e7122a39340d7b80a021
1441cf8416f65d12cafe6c045fa846fea2d4aeca708d4332344082b4e897a133
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /--V3AnCj5oe8/Ud7xvFD-FcI/AAAAAAAAPuk/kI1c2QyWlyA/w72-h72-p-k-no-nu/under+stairs+collage.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v3eea"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="under stairs collage.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 4508
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-i9hgkRL8LZo/WHUyLvHQNpI/AAAAAAAAbI4/ReU1Vyi0U3QIYtUzAL81DV0Kz4ahWPNZQCK4B/s417/How%2Bto%2BStay%2BMotivated%2Bto%2Bkeep%2Borganized%2Ball%2Byear%2Blong.jpg.jpg
200 OK 47 kB URL GET HTTP/2 2.bp.blogspot.com/-i9hgkRL8LZo/WHUyLvHQNpI/AAAAAAAAbI4/ReU1Vyi0U3QIYtUzAL81DV0Kz4ahWPNZQCK4B/s417/How%2Bto%2BStay%2BMotivated%2Bto%2Bkeep%2Borganized%2Ball%2Byear%2Blong.jpg.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 417x340, components 3\012- data
Hash 082b0474062fc554abed1a5a8118ea08
d70f9be37a5965f33e8df9e4434df3bdcccebe9f
1ed5c77b03d4a339da4db2e389adafe7c00c06d150c23fa7aa8d4507166a0b1f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-i9hgkRL8LZo/WHUyLvHQNpI/AAAAAAAAbI4/ReU1Vyi0U3QIYtUzAL81DV0Kz4ahWPNZQCK4B/s417/How%2Bto%2BStay%2BMotivated%2Bto%2Bkeep%2Borganized%2Ball%2Byear%2Blong.jpg.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6c8f"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to Stay Motivated to keep organized all year long.jpg.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 46933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-jbH3gh-zLQI/VFf4BfyjI4I/AAAAAAAAJd4/wl9bF730464/s1600/Headshot_AboutBlurb_2.jpg
200 OK 245 kB URL GET HTTP/2 4.bp.blogspot.com/-jbH3gh-zLQI/VFf4BfyjI4I/AAAAAAAAJd4/wl9bF730464/s1600/Headshot_AboutBlurb_2.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1514x1600, components 3\012- data
Size 245 kB (245394 bytes)
Hash 9b90339496bbf594615b6a9bf2979f61
fac2ca852ca16933b71c0e89312cc9def3c2f1d8
3fe5eeb95ad3d6f1ee135e43cfdae4c92f75732111cedba12c4ceeca5de480fd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-jbH3gh-zLQI/VFf4BfyjI4I/AAAAAAAAJd4/wl9bF730464/s1600/Headshot_AboutBlurb_2.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v4fbd"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Headshot_AboutBlurb_2.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 245394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-7u1TPZ4PYr0/WBoSUsb_5-I/AAAAAAAAa6E/xlRpMemvKk0XQH3OR4LRhxVyhXI5m3c1wCK4B/s1600/How%2Bto%2Bbecome%2Ba%2Bprofessional%2Borganizer.jpg
200 OK 183 kB URL GET HTTP/2 2.bp.blogspot.com/-7u1TPZ4PYr0/WBoSUsb_5-I/AAAAAAAAa6E/xlRpMemvKk0XQH3OR4LRhxVyhXI5m3c1wCK4B/s1600/How%2Bto%2Bbecome%2Ba%2Bprofessional%2Borganizer.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1327, components 3\012- data
Size 183 kB (183426 bytes)
Hash 0e4682360d5c642dc7e59aff27549586
376e7c92bcc29f049527c4f9cb3cb9c867b22feb
a6d1b4679fbce971545a7e94da022ea6a94a5ee90884041f33ae0727c3d6fb3e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-7u1TPZ4PYr0/WBoSUsb_5-I/AAAAAAAAa6E/xlRpMemvKk0XQH3OR4LRhxVyhXI5m3c1wCK4B/s1600/How%2Bto%2Bbecome%2Ba%2Bprofessional%2Borganizer.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6ba2"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="How to become a professional organizer.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 183426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-tAePY0RYxTc/VLM94zuEI-I/AAAAAAAAWkY/Lf91tg4UlGE/s1600/Before%2Band%2BAfter%2Bon%2Btop%2Bof%2Beach%2Bother.jpg
200 OK 142 kB URL GET HTTP/2 1.bp.blogspot.com/-tAePY0RYxTc/VLM94zuEI-I/AAAAAAAAWkY/Lf91tg4UlGE/s1600/Before%2Band%2BAfter%2Bon%2Btop%2Bof%2Beach%2Bother.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 609x750, components 3\012- data
Size 142 kB (142537 bytes)
Hash 02418602e41ebecacaa6f4db35e2b3fb
86c5e07ed33f54d43732c23f656895db0194b437
3acc883a390b4039f7a6bee2c18b22d143f9a95b70b3807f4aa3a6ef99f9c4e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-tAePY0RYxTc/VLM94zuEI-I/AAAAAAAAWkY/Lf91tg4UlGE/s1600/Before%2Band%2BAfter%2Bon%2Btop%2Bof%2Beach%2Bother.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v5a47"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Before and After on top of each other.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 142537
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-KstgU72vw74/VIYDmBz_upI/AAAAAAAAKAY/d_FPT56nifk/s1600/Labels.png
200 OK 2.8 kB URL GET HTTP/2 1.bp.blogspot.com/-KstgU72vw74/VIYDmBz_upI/AAAAAAAAKAY/d_FPT56nifk/s1600/Labels.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 300 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash b97c4af74dd18b35a81aab3718a99438
34a74456f2d4857d6276b3e8d5017c5a1b9dd171
ffb74d394e26ebff0112a46f436ddb5c12e525b1672513c99473120a4e276b38
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-KstgU72vw74/VIYDmBz_upI/AAAAAAAAKAY/d_FPT56nifk/s1600/Labels.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v280b"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Labels.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 2846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-a5sL2_lJVUw/Vx7Re6yACzI/AAAAAAAAZ3Y/rZyhxA0ElXk9656me5ow7RUWJp6HZRH6QCLcB/w72-h72-p-k-no-nu/Cleanhousewithwriting-1.png
200 OK 6.9 kB URL GET HTTP/2 1.bp.blogspot.com/-a5sL2_lJVUw/Vx7Re6yACzI/AAAAAAAAZ3Y/rZyhxA0ElXk9656me5ow7RUWJp6HZRH6QCLcB/w72-h72-p-k-no-nu/Cleanhousewithwriting-1.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 6ef15a86e0779d48803f51b065c5558c
6a2634fc14d8d02e199b14c7c2e5fc0a159a03c7
09a73fe2cb63e9689085aa1cb5c591b9a352b1190e216ad7d75e8366b069052f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-a5sL2_lJVUw/Vx7Re6yACzI/AAAAAAAAZ3Y/rZyhxA0ElXk9656me5ow7RUWJp6HZRH6QCLcB/w72-h72-p-k-no-nu/Cleanhousewithwriting-1.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v6777"
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Cleanhousewithwriting-1.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 6916
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-eDm_KZboCYM/Vrv_FYtVbII/AAAAAAAAZeA/md41Nvi3PFk/s640/11%2BWays%2Bto%2BOrganize%2BYour%2BPets.jpg
200 OK 80 kB URL GET HTTP/2 2.bp.blogspot.com/-eDm_KZboCYM/Vrv_FYtVbII/AAAAAAAAZeA/md41Nvi3PFk/s640/11%2BWays%2Bto%2BOrganize%2BYour%2BPets.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x377, components 3\012- data
Hash c6fad95e84fb61e1d5c638b28d79f247
4703ca097b3d12b6b4d66277d28f05c94291bbeb
5e0ed16cfa03deefcfb28a298ca68c72eaf6366d8e02f5b19c1b37a5f514b0b4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-eDm_KZboCYM/Vrv_FYtVbII/AAAAAAAAZeA/md41Nvi3PFk/s640/11%2BWays%2Bto%2BOrganize%2BYour%2BPets.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v65e1"
expires: Sun, 24 Sep 2023 16:35:10 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="11 Ways to Organize Your Pets.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:10 GMT
server: fife
content-length: 79622
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-m7lsng1B6gA/VJhglPJs8mI/AAAAAAAAKEI/cbUWPS5M5_k/s1600/Archive-crop.png
200 OK 2.3 kB URL GET HTTP/2 3.bp.blogspot.com/-m7lsng1B6gA/VJhglPJs8mI/AAAAAAAAKEI/cbUWPS5M5_k/s1600/Archive-crop.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 125 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 07003ab2e28df8511d8515f6d1bd8fb9
cc8072ae55371997244c7eec68f0228068d83126
f99694abd763a77f5e0ede3eb52923ac0c78b5068bf6eb9d87658e54fa3eca38
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-m7lsng1B6gA/VJhglPJs8mI/AAAAAAAAKEI/cbUWPS5M5_k/s1600/Archive-crop.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2843"
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Archive-crop.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 2271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-c3S4bnA54VE/VdAkA7BUWdI/AAAAAAAAYd4/4POtUeYgSp8/w72-h72-p-k-no-nu/hiding%2Bugly%2Bthings.jpg
200 OK 3.1 kB URL GET HTTP/2 2.bp.blogspot.com/-c3S4bnA54VE/VdAkA7BUWdI/AAAAAAAAYd4/4POtUeYgSp8/w72-h72-p-k-no-nu/hiding%2Bugly%2Bthings.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 13c3c849584bbad0595e58e4ca13ae55
0130429ad45f6ceb252eecb6b38ed8ceff1bbb04
7eb5a519d93c7ebae906995aaea3c98622eec3ec49c420567433a448608ffd16
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-c3S4bnA54VE/VdAkA7BUWdI/AAAAAAAAYd4/4POtUeYgSp8/w72-h72-p-k-no-nu/hiding%2Bugly%2Bthings.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v61df"
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hiding ugly things.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 3140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash 6cb795ef37ebc8f39263257b23024db4
25475c561f49cf88b9900180d8d70c83df3fcefb
066c89abf0b448661ea16d5119c3caea049bbe44e7a80a06209781359917fc3f
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 16:35:11 GMT
expires: Sat, 23 Sep 2023 16:35:11 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4000017974277059594
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=1459647905406699127&zx=c4adfca3-c515-4d13-8c26-d62ec247a241
200 OK 21 B URL GET HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1459647905406699127&zx=c4adfca3-c515-4d13-8c26-d62ec247a241
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=1459647905406699127&zx=c4adfca3-c515-4d13-8c26-d62ec247a241 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 16:35:11 GMT
last-modified: Sat, 23 Sep 2023 16:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/img/share_buttons_20_3.png
200 OK 5.1 kB URL GET HTTP/3 www.blogger.com/img/share_buttons_20_3.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 02:56:33 GMT
expires: Tue, 26 Sep 2023 02:56:33 GMT
cache-control: public, max-age=604800
last-modified: Mon, 18 Sep 2023 12:52:31 GMT
content-type: image/png
age: 394718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AAOd8Myl2RRn-CFAgqdjmfLXFzVVF4B8438zi5b9-8Dcd4VCDVPhPRlBW0z7ZPYCjiIm0AcDsNdIYLjGteHDcbviEOLyifczA-rMnEmLAgoa6rDYg4vAuDc1SshfI25NTnSElI9664P7L5APzXmW_nTK5EhsBnJF_8Vbo4U=s0-d
200 OK 4.1 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AAOd8Myl2RRn-CFAgqdjmfLXFzVVF4B8438zi5b9-8Dcd4VCDVPhPRlBW0z7ZPYCjiIm0AcDsNdIYLjGteHDcbviEOLyifczA-rMnEmLAgoa6rDYg4vAuDc1SshfI25NTnSElI9664P7L5APzXmW_nTK5EhsBnJF_8Vbo4U=s0-d
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 130 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 72f48db40424e41bd60741911703ef9c
bdb7785f13eed49b5a748a9d502b1d163c34fb8c
71b2638f49f41878c5afe4adff2739f647dc0e49c944f810ccedefbfc4209341
GET /blogger_img_proxy/AAOd8Myl2RRn-CFAgqdjmfLXFzVVF4B8438zi5b9-8Dcd4VCDVPhPRlBW0z7ZPYCjiIm0AcDsNdIYLjGteHDcbviEOLyifczA-rMnEmLAgoa6rDYg4vAuDc1SshfI25NTnSElI9664P7L5APzXmW_nTK5EhsBnJF_8Vbo4U=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 4062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-9a2fW0776Cg/VMCMtJXqpdI/AAAAAAAAWtU/VOMJwlgJDKI/s1600/Organizing%2BYour%2BPuppy.jpg
200 OK 857 kB URL GET HTTP/2 2.bp.blogspot.com/-9a2fW0776Cg/VMCMtJXqpdI/AAAAAAAAWtU/VOMJwlgJDKI/s1600/Organizing%2BYour%2BPuppy.jpg
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1200x1600, components 3\012- data
Size 857 kB (856600 bytes)
Hash d317621883a20102334435b20c463163
1f2bbfa40dcd97703fa716769ae053f4e2df76d9
8bbbf5263ae6701f1cdcb8d300ab823019a17e0671d06fe97fde843d2c0fcc0c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-9a2fW0776Cg/VMCMtJXqpdI/AAAAAAAAWtU/VOMJwlgJDKI/s1600/Organizing%2BYour%2BPuppy.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v761e"
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Organizing Your Puppy.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 856600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AAOd8My3q-O46DMNJxB1BjSSi_HN5gI69MVmwWE1_NkYj01JSr6ge-7mm7p-yZf2zFY0Gh4G4alI6I_StK_WEqPOhCuZ9nEzkXJLzmjim_uxTD9uPlDRZGn19L5Ka3rqj0grkeYdGb8UVWjC5LH7L31Ro6Tb7ksD-449TNylsTnr3XQfQz36udAGEA=s0-d
200 OK 8.7 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AAOd8My3q-O46DMNJxB1BjSSi_HN5gI69MVmwWE1_NkYj01JSr6ge-7mm7p-yZf2zFY0Gh4G4alI6I_StK_WEqPOhCuZ9nEzkXJLzmjim_uxTD9uPlDRZGn19L5Ka3rqj0grkeYdGb8UVWjC5LH7L31Ro6Tb7ksD-449TNylsTnr3XQfQz36udAGEA=s0-d
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 300 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash de70c2fd43469b3555fa33dd5324aabe
f9f55583a2d47b07a2a08a4849b18a4251da3e93
e31d5ab49036b2119d04cfbe1ed831ff68ee30ba63defdd893f160cc8bf6a4b7
GET /blogger_img_proxy/AAOd8My3q-O46DMNJxB1BjSSi_HN5gI69MVmwWE1_NkYj01JSr6ge-7mm7p-yZf2zFY0Gh4G4alI6I_StK_WEqPOhCuZ9nEzkXJLzmjim_uxTD9uPlDRZGn19L5Ka3rqj0grkeYdGb8UVWjC5LH7L31Ro6Tb7ksD-449TNylsTnr3XQfQz36udAGEA=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 8731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash 126b0a9f06e2940180b9f3d7bf846ee3
837d11e1daeabaeb84b17ab34e3668d5f654f5bd
0f4e2ec6b04e2bbfec447077213cb23fe5008094a636f4de026a9534a0edb691
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mz9h-rLtc9hwlKMSzcNRTCce2e0mLJGL1tBXbds3XDtJyxBggOsO_NhLJ7KkD7U3sc1GD0mnEU1olDaoaFaIo_p8DI-mqepnfjqKhpGHF5eMzL-N3KJ_QQPsFWUJMuw2bZd0Q-Wq_s4OBX5kweL6i8QP3CC8RrcTa1tfXRZsEQP7Wkn3Jw=w72-h72-p-k-no-nu
200 OK 3.5 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mz9h-rLtc9hwlKMSzcNRTCce2e0mLJGL1tBXbds3XDtJyxBggOsO_NhLJ7KkD7U3sc1GD0mnEU1olDaoaFaIo_p8DI-mqepnfjqKhpGHF5eMzL-N3KJ_QQPsFWUJMuw2bZd0Q-Wq_s4OBX5kweL6i8QP3CC8RrcTa1tfXRZsEQP7Wkn3Jw=w72-h72-p-k-no-nu
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 7ead7c6892c9d593ee1d385889aa56d8
294a04a9804516e1ad902f180a089a3a97520e78
7d75942a9870c7a8f786321359842631586c16ef4fc8f6f8876c7ab9a598e05c
GET /blogger_img_proxy/AAOd8Mz9h-rLtc9hwlKMSzcNRTCce2e0mLJGL1tBXbds3XDtJyxBggOsO_NhLJ7KkD7U3sc1GD0mnEU1olDaoaFaIo_p8DI-mqepnfjqKhpGHF5eMzL-N3KJ_QQPsFWUJMuw2bZd0Q-Wq_s4OBX5kweL6i8QP3CC8RrcTa1tfXRZsEQP7Wkn3Jw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 3540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 2a9cb3694beef11368f7284821163a4d
32d723fad91ccd0c154e5d7e489266cfe596aa61
08cd4f8a916cab4a520c51bd519209ebe87f4898f10d1f1c968bce537c4d3916
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-tgeQ_uCyUA8/VIYSz72ZYjI/AAAAAAAAKBg/SB3PhhaW6nU/s0/000074.png
200 OK 7.7 kB URL GET HTTP/3 1.bp.blogspot.com/-tgeQ_uCyUA8/VIYSz72ZYjI/AAAAAAAAKBg/SB3PhhaW6nU/s0/000074.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 3bd5eec4eb5b165f2bd52523d87d9225
90348d7d5cb5ddf0b4d3f1dffd2f1f460dbe3731
5b507ae030d7bcb50f96523d564d13369f4a1725f10b65d9e4c010d6ecf0f75c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-tgeQ_uCyUA8/VIYSz72ZYjI/AAAAAAAAKBg/SB3PhhaW6nU/s0/000074.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v2819"
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="000074.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 7711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 2a9cb3694beef11368f7284821163a4d
32d723fad91ccd0c154e5d7e489266cfe596aa61
08cd4f8a916cab4a520c51bd519209ebe87f4898f10d1f1c968bce537c4d3916
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-Agoh6axocB8/VIYb_liektI/AAAAAAAAKBs/p51iEoICHfo/s1600/08_HeaderMock-crop.png
200 OK 41 kB URL GET HTTP/3 3.bp.blogspot.com/-Agoh6axocB8/VIYb_liektI/AAAAAAAAKBs/p51iEoICHfo/s1600/08_HeaderMock-crop.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 1250 x 289, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b3f4c0e7bbb82d181e7d8af317150c8
71987373ea98ed0a1c012574322b48f504ebb328
b6c3334bd2a08c638a4c1bc97f8ed6e4091925bcd06c4476e7e0c28e5154e0e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-Agoh6axocB8/VIYb_liektI/AAAAAAAAKBs/p51iEoICHfo/s1600/08_HeaderMock-crop.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v281c"
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="08_HeaderMock-crop.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 41301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mw9BtYThiOS_nNuOwkcerwdxp9Xa9_djsV8BWKJOVrwgAi861gAA4Ly_eoL9QDDV1sm6X2WzNpuUpDC78aEu2_YgiWGeIhKZUiHZ9s6NPmcq8HGNgbrFsg=s0-d
200 OK 36 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AAOd8Mw9BtYThiOS_nNuOwkcerwdxp9Xa9_djsV8BWKJOVrwgAi861gAA4Ly_eoL9QDDV1sm6X2WzNpuUpDC78aEu2_YgiWGeIhKZUiHZ9s6NPmcq8HGNgbrFsg=s0-d
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 160x600, components 3\012- data
Hash 8c6693d6f86a163006de25e82cd786f2
1e3e506efe7b0d81f270fd8eabca289ccec99850
422f08966533ed899d53472d63d140b4e83acde7b6ad9fe11a39e94fc5a102c2
GET /blogger_img_proxy/AAOd8Mw9BtYThiOS_nNuOwkcerwdxp9Xa9_djsV8BWKJOVrwgAi861gAA4Ly_eoL9QDDV1sm6X2WzNpuUpDC78aEu2_YgiWGeIhKZUiHZ9s6NPmcq8HGNgbrFsg=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Sun, 24 Sep 2023 16:35:11 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:11 GMT
server: fife
content-length: 36128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://organizingmadefun.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:04:40 GMT
expires: Fri, 20 Sep 2024 15:04:40 GMT
cache-control: public, max-age=31536000
age: 178231
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 24016, version 1.0\012- data
Hash 85f00d66c5f31d58833abf1cfbe1496e
d504a89747d1258a4c4faff0ebc6f63853b570d6
3270680fc889eabfb9c410ee690161071f237679a90171a0a67b09142b8d382c
GET /s/dancingscript/v25/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://organizingmadefun.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 18:14:11 GMT
expires: Wed, 18 Sep 2024 18:14:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:02:04 GMT
content-type: font/woff2
age: 339660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-g-zH25_DoxI/VD1BuatkgII/AAAAAAAAAgc/00hxspfvv3s/s1600/searchbar.png
200 OK 1.3 kB URL GET HTTP/3 3.bp.blogspot.com/-g-zH25_DoxI/VD1BuatkgII/AAAAAAAAAgc/00hxspfvv3s/s1600/searchbar.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 208 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash afae2d18d62d0aae7eb668f004b7aee7
bf6940b8c9b18cc05114886d974cad19494bdb23
47562814b7e27a521a2e5f3127d2671a999d4f7f3c608363208021beabf4e107
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-g-zH25_DoxI/VD1BuatkgII/AAAAAAAAAgc/00hxspfvv3s/s1600/searchbar.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="searchbar.png"
x-content-type-options: nosniff
server: fife
content-length: 1312
x-xss-protection: 0
date: Sat, 23 Sep 2023 13:55:36 GMT
expires: Sun, 24 Sep 2023 13:55:36 GMT
cache-control: public, max-age=86400, no-transform
age: 9576
etag: "v208"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
4.bp.blogspot.com/-OcDQ6Z9ojlQ/VD1KnwJjFOI/AAAAAAAAAgs/cu_pKN6bpL8/s1600/magnifier.png
200 OK 1.4 kB URL GET HTTP/3 4.bp.blogspot.com/-OcDQ6Z9ojlQ/VD1KnwJjFOI/AAAAAAAAAgs/cu_pKN6bpL8/s1600/magnifier.png
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 21 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash c4bdf6feb3574ccf6bfd61eeb80ad8a6
b774b71dee15eed386fb7a213a83ca9e7f03789c
5f72348050a8091ea2694ab1e0405b4f59e4c33e30c36dbcd6c1314d64157fe2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-OcDQ6Z9ojlQ/VD1KnwJjFOI/AAAAAAAAAgs/cu_pKN6bpL8/s1600/magnifier.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="magnifier.png"
x-content-type-options: nosniff
server: fife
content-length: 1373
x-xss-protection: 0
date: Sat, 23 Sep 2023 13:56:23 GMT
expires: Sun, 24 Sep 2023 13:56:23 GMT
cache-control: public, max-age=86400, no-transform
age: 9529
etag: "v20d"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 2a9cb3694beef11368f7284821163a4d
32d723fad91ccd0c154e5d7e489266cfe596aa61
08cd4f8a916cab4a520c51bd519209ebe87f4898f10d1f1c968bce537c4d3916
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7382902158307917&plah=organizingmadefun.blogspot.com&bust=31077998
200 OK 131 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7382902158307917&plah=organizingmadefun.blogspot.com&bust=31077998
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (2079)
Size 131 kB (131078 bytes)
Hash 9cc0ea330170e2d7ddb18d803043ea56
4bc70c3eeb2b17b1ca720adbcced7328d8a62b53
1bf6fac958b5ef303107d34100a87b10bbebcb8b774f5a8e234b015c6144c4d9
GET /pagead/managed/js/adsense/m202309180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7382902158307917&plah=organizingmadefun.blogspot.com&bust=31077998 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 16:35:12 GMT
expires: Sat, 23 Sep 2023 16:35:12 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 13094392638731124620
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 131078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash cd9671d8d1a559425c8f3f93d017ad44
620d9bb7d60d22c4c2ffaeeca8dc4e2797cb0042
faa8228635cb6d9d366bc317d6101578207c80caf10db60652ac02b91c707adb
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 16:35:12 GMT
expires: Sat, 23 Sep 2023 16:35:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12417551330665405803
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagservices.com/tag/js/gpt.js
200 OK 29 kB URL GET HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (36287)
Hash d455b2bc6a3227cf3f6f0f93d0822a7a
b9a0e99e6603d3d4247e7114c142b05b9fda1c94
bd1f6d7d8fefe6e2e8d4980fe132d27ee9ac4380ef1c37a0bdfb7438c3c996e2
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 16:35:12 GMT
expires: Sat, 23 Sep 2023 16:35:12 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 12 / 19623 / m202309190101 / config-hash: 1630024442603502270
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 29268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1280&ph=1024&x=0&y=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 16:35:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
partner.googleadservices.com/gampad/cookie.js?domain=organizingmadefun.blogspot.com&callback=_gfp_s_&client=ca-pub-7382902158307917
200 OK 251 B URL GET HTTP/3 partner.googleadservices.com/gampad/cookie.js?domain=organizingmadefun.blogspot.com&callback=_gfp_s_&client=ca-pub-7382902158307917
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (391), with no line terminators
Hash f6965f622e6b61deb83185dcc481547d
8f5fbe9631ac1f28b14e7da42635c376261b4885
126c1b72c443f55535c34cdb82e5f025285f12da1845f4cdb87ce1892c207633
GET /gampad/cookie.js?domain=organizingmadefun.blogspot.com&callback=_gfp_s_&client=ca-pub-7382902158307917 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 23 Sep 2023 16:35:12 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
472 B IP
Hash d5e402e3131f78cf91f4e949805f84b0
916218d5ed57b959e8c975cce1772b99b89f51bb
8a7d154e062586e5af0d0ce8ced6aaeaae10e8d3be3656def732fa12976f6ffb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8bd82cc167dcfca92222c771cc727ea4
5412299d9da7fc26af5eb6ab0bb0adcbed11fe19
eaf1c14f5129b21a7ac323e2cb8a7d73b5258af575b971b7f8a507fd7f98577a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
organizingmadefun.blogspot.com/favicon.ico
200 OK 517 B URL GET HTTP/3 organizingmadefun.blogspot.com/favicon.ico
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 896ba8cbce957cf2ca0fe443e32370fc
9fd507ea67959cd88661ce13e5ad15304b1c3b07
3e96cec343efc6e4eb62d62f936ac16a03d059464e0c160c75c6e8d0a176b5c4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: organizingmadefun.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/search/label/pet
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 23 Sep 2023 16:35:12 GMT
date: Sat, 23 Sep 2023 16:35:12 GMT
cache-control: private, max-age=86400
last-modified: Sat, 23 Sep 2023 08:14:18 GMT
etag: W/"7d56b5cae6dfeaa81026997ce817784ba4141189dbb1c0fb84d54ec92902bde0"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 517
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
madmimi.com/signups/72731/iframe
200 OK 5.2 kB URL GET HTTP/1.1 madmimi.com/signups/72731/iframe
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoDaddy.com, Inc.
Subject*.madmimi.com
Fingerprint93:2E:5F:B0:A0:33:24:36:F0:79:57:7C:11:BD:24:F4:DC:4B:F8:04
ValidityFri, 18 Aug 2023 21:57:43 GMT - Wed, 18 Sep 2024 21:57:43 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1209)
Hash e06ac3039a1df95d4bb627b60282df3b
0d328c5ed587065c5cb9743df9fd1d988f4917c0
a99bd69391f04cc30b8296c42af5f447202c998e6171b73f918756b6f0452fb3
GET /signups/72731/iframe HTTP/1.1
Host: madmimi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Strict-Transport-Security: max-age=31536000
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
X-Request-Id: 77af18c8-e02b-43e9-a180-4e0065dad565
X-Download-Options: noopen
ETag: W/"a99bd69391f04cc30b8296c42af5f447"
X-Runtime: 0.084904
X-Content-Type-Options: nosniff
Date: Sat, 23 Sep 2023 16:35:13 GMT
X-Powered-By: Phusion Passenger(R) Enterprise 6.0.18
Server: nginx + Phusion Passenger(R) 6.0.18
Content-Encoding: gzip
d2vnkn0bfhsarv.cloudfront.net/assets/scripts/modernizr.min-3414b046982d5eff0e0694d091076291c89da7d78bffbc408ab2548b19c7d88a.js
200 OK 8.6 kB URL GET HTTP/1.1 d2vnkn0bfhsarv.cloudfront.net/assets/scripts/modernizr.min-3414b046982d5eff0e0694d091076291c89da7d78bffbc408ab2548b19c7d88a.js
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (8573), with no line terminators
Hash 89655de5e117650f33398c391a48a3c0
b3be50135a464f9db2ca23aa089279e43df87b5e
eff6128592197098eb0c0179527d6dc22b282e64d79454ae8184bc87a6748326
GET /assets/scripts/modernizr.min-3414b046982d5eff0e0694d091076291c89da7d78bffbc408ab2548b19c7d88a.js HTTP/1.1
Host: d2vnkn0bfhsarv.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 8573
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 00:22:07 GMT
Last-Modified: Mon, 13 Mar 2023 15:34:13 GMT
ETag: "640f4275-217d"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: As0hZPiSyH-gHCDai1rPSGszFCjpnhBPesOSFcEJnR5jQqoairyj4A==
Age: 58386
d2vnkn0bfhsarv.cloudfront.net/assets/ui.forms-7810468ea2c33822fc77af261c664664e114b8fa798e24c52b0d1bb300f6e8ce.css
200 OK 24 kB URL GET HTTP/1.1 d2vnkn0bfhsarv.cloudfront.net/assets/ui.forms-7810468ea2c33822fc77af261c664664e114b8fa798e24c52b0d1bb300f6e8ce.css
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (23948)
Hash c09eb2ff04be22370c08ccdb2770871b
25bcccf52d47df458f42f1c5b47f46f1a976d2bc
8b56c32df20bd3a11a517b6d47ade073d1f192acd2a9b5df150a2c413a829218
GET /assets/ui.forms-7810468ea2c33822fc77af261c664664e114b8fa798e24c52b0d1bb300f6e8ce.css HTTP/1.1
Host: d2vnkn0bfhsarv.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23954
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 04:10:03 GMT
Last-Modified: Mon, 13 Mar 2023 17:35:02 GMT
ETag: "640f5ec6-5d92"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: t1MuRy3W4zbjwl60VKv-eF8h9s7Hzg1Ws9OqQHBmQl42TzjlsEo3nw==
Age: 44710
d1lggihq2bt4jo.cloudfront.net/assets/webform_iframe-0da1e39e9446df08b63296c3f82087f0079b70c5bdebe9d548aea99d510dced7.css
200 OK 3.3 kB URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/webform_iframe-0da1e39e9446df08b63296c3f82087f0079b70c5bdebe9d548aea99d510dced7.css
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (3271)
Hash 2c29e2205c0e9932ee788d6b35dfaa8f
9471eb26dc1df99ba9c4ea4d6b62d5021fccf2ff
23dbddea3ea3715924bc89612d7c1d7340181f0437f097936eae61eef26a0254
GET /assets/webform_iframe-0da1e39e9446df08b63296c3f82087f0079b70c5bdebe9d548aea99d510dced7.css HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 3272
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 03:35:51 GMT
Last-Modified: Mon, 13 Mar 2023 17:51:44 GMT
ETag: "640f62b0-cc8"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AgtcEReQ6tWsl7R5yv5dmtgMhp6ltMWKkEdSI6QBY4i7YOXDQn8sjQ==
Age: 46762
d1lggihq2bt4jo.cloudfront.net/assets/webform-b01cee7423933a81a2fcd9689bf26e3f11b8036f560dba4d1621ba9102819514.css
200 OK 32 kB URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/webform-b01cee7423933a81a2fcd9689bf26e3f11b8036f560dba4d1621ba9102819514.css
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (31642)
Hash 882c1207881a70f64cf373716cd76a25
eb0a396053896163cad85c40bb637f55fbde4143
b55dd5705c7f72ca89fb94ccfed19eede1240beb64e75a0ae1acfa9314ade644
GET /assets/webform-b01cee7423933a81a2fcd9689bf26e3f11b8036f560dba4d1621ba9102819514.css HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 31643
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 01:29:33 GMT
Last-Modified: Mon, 13 Mar 2023 17:02:58 GMT
ETag: "640f5742-7b9b"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L8td-jwS__xEiJ5v3xtdaesiq2VBVWjU17gUTo4f2HOd8WUlBCtw4A==
Age: 54340
d1lggihq2bt4jo.cloudfront.net/assets/scripts/basic_dropdown-6d25e3a8a6ca9d044f05948a265efd8edd7d994eba32a6ad309e0242be0de668.js
200 OK 5.3 kB URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/scripts/basic_dropdown-6d25e3a8a6ca9d044f05948a265efd8edd7d994eba32a6ad309e0242be0de668.js
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (5270), with no line terminators
Hash 48cfdb1932171b98bf4710a5bf749ffc
a37964aa196d16e264e54c9db177ff6333812b2b
69d50a8951ee2d2141a14f13c4060b427193ddad35d573e3b3fd8ea333158c82
GET /assets/scripts/basic_dropdown-6d25e3a8a6ca9d044f05948a265efd8edd7d994eba32a6ad309e0242be0de668.js HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 5270
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 06:55:44 GMT
Last-Modified: Mon, 13 Mar 2023 15:34:13 GMT
ETag: "640f4275-1496"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K8yy013_-YvjNgKQed0CdjvIqm3ePG0ixdJ_8Ysm4RwV8yNmvsITFg==
Age: 34769
d1lggihq2bt4jo.cloudfront.net/assets/theme/theme_madmimi-746fad9a4bcf6b761a2ed3d9a719e7d4266e8e4a1e41f35d87cd34dee5f62d48.css
200 OK 240 kB URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/theme/theme_madmimi-746fad9a4bcf6b761a2ed3d9a719e7d4266e8e4a1e41f35d87cd34dee5f62d48.css
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65532), with no line terminators
Size 240 kB (240093 bytes)
Hash b954b0e0078a1b504de3b99cbc197f32
40d7ba566578b44951cb326c950d482ee73ebc22
480d34effa6412e38cf9155b3f0cabc74686aef4ee327071e8939f30fba2ced4
GET /assets/theme/theme_madmimi-746fad9a4bcf6b761a2ed3d9a719e7d4266e8e4a1e41f35d87cd34dee5f62d48.css HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 240093
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 01:39:07 GMT
Last-Modified: Mon, 13 Mar 2023 17:35:02 GMT
ETag: "640f5ec6-3a9dd"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GZ-kEOCqyMfX_02lf3kR2MFPIez0x28GWUVu95ZljbDK49ABgi6a8Q==
Age: 53766
d1lggihq2bt4jo.cloudfront.net/assets/ui.elements-35738de99e0fd8cf99f2d7dd6a730a13d89b779ee1aaff0cc1e48d49711b2450.css
200 OK 57 kB URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/ui.elements-35738de99e0fd8cf99f2d7dd6a730a13d89b779ee1aaff0cc1e48d49711b2450.css
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (56672)
Hash d0d6af4bd17f40d4283c29699b29cd33
bf70ea47b436cd785cb3203c2f41bb48ef51cf28
9ca4cf55fe23a4e4d26ee2884b23c0921e8f198b042ef70a075777adefe8b989
GET /assets/ui.elements-35738de99e0fd8cf99f2d7dd6a730a13d89b779ee1aaff0cc1e48d49711b2450.css HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 56673
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 03:49:12 GMT
Last-Modified: Mon, 13 Mar 2023 17:51:44 GMT
ETag: "640f62b0-dd61"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iSzfn8rzPg7OQCAxV_n1TVRA1xrkhwifzU28G_ptXWzQdsheW8n0vA==
Age: 45961
d1lggihq2bt4jo.cloudfront.net/assets/img/webforms/attention-757db8ca2e1a7e1d4dcbb65bd8cc01ce214d17b36fa1551d8f58f34f0d8a43f3.gif
200 OK 513 B URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/img/webforms/attention-757db8ca2e1a7e1d4dcbb65bd8cc01ce214d17b36fa1551d8f58f34f0d8a43f3.gif
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 20 x 20\012- data
Hash 5af5d492d3e93d048c893bcdfc3bf04c
9e2e7ff36d4c55e8d356b54360426213c4adca2a
856c3a0aecb967b1a22b816191b65573148f390f8299925f08b902254887eb10
GET /assets/img/webforms/attention-757db8ca2e1a7e1d4dcbb65bd8cc01ce214d17b36fa1551d8f58f34f0d8a43f3.gif HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1lggihq2bt4jo.cloudfront.net/assets/theme/theme_madmimi-746fad9a4bcf6b761a2ed3d9a719e7d4266e8e4a1e41f35d87cd34dee5f62d48.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 513
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 13 Mar 2023 17:51:44 GMT
Accept-Ranges: bytes
Date: Sat, 23 Sep 2023 05:02:43 GMT
ETag: "640f62b0-201"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oZtoBsGJVqFyYSjlxdtSmyak2QKyPAcK_DFFUDuQz9wm2JjMwLErnQ==
Age: 46078
d1lggihq2bt4jo.cloudfront.net/assets/img/webforms/button_bg-3d246ae0081c92e3f41d9bc26f3e6a93dfcf06a92cc73a69f39e8c48ca63440a.png
200 OK 101 B URL GET HTTP/1.1 d1lggihq2bt4jo.cloudfront.net/assets/img/webforms/button_bg-3d246ae0081c92e3f41d9bc26f3e6a93dfcf06a92cc73a69f39e8c48ca63440a.png
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 1 x 200, 8-bit grayscale, non-interlaced\012- data
Hash f0e7dd9f0ad903ba170fc0a9c6498614
651784074a4f3c0b127f652d478694587e10b804
5ddc76b24bd4a1e67a5829e317bacc13963c9f14b41a68679f0887607b764c9a
GET /assets/img/webforms/button_bg-3d246ae0081c92e3f41d9bc26f3e6a93dfcf06a92cc73a69f39e8c48ca63440a.png HTTP/1.1
Host: d1lggihq2bt4jo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d1lggihq2bt4jo.cloudfront.net/assets/theme/theme_madmimi-746fad9a4bcf6b761a2ed3d9a719e7d4266e8e4a1e41f35d87cd34dee5f62d48.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 101
Connection: keep-alive
Server: nginx
Date: Sat, 23 Sep 2023 05:47:29 GMT
Last-Modified: Mon, 13 Mar 2023 17:51:44 GMT
ETag: "640f62b0-65"
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PTxfDZw12UH8zSASmOjwdErcsHD4zGhOs6NRCeel1KghCfqqjJNhNQ==
Age: 38864
ocsp.godaddy.com/
2.1 kB IP
Hash 8874f01f29f5c1d9283ad7e53e89dfc9
360d1597b5ee3358321ce6388bee147dbb6ac035
43b9441aa7cb0390dc13af6b6f62262147a29629267eae34feefd45704485207
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 23 Sep 2023 16:35:14 GMT
Content-Type: application/ocsp-response
Content-Length: 2108
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 23 Sep 2023 11:38:39 GMT
Expires: Sun, 24 Sep 2023 11:38:39 GMT
ETag: "360d1597b5ee3358321ce6388bee147dbb6ac035"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cascade.madmimi.com/logos/0000/9104/header_for_signature_2014_1419222173.jpg
200 OK 13 kB URL GET HTTP/2 cascade.madmimi.com/logos/0000/9104/header_for_signature_2014_1419222173.jpg
IP
Requested by https://madmimi.com/signups/72731/iframe
Certificate IssuerGoDaddy.com, Inc.
Subjectcascade.madmimi.com
Fingerprint38:A4:D8:E2:EA:90:D2:6D:F6:62:AE:2E:1F:20:E8:A7:A9:37:C3:BE
ValidityWed, 11 Jan 2023 18:32:12 GMT - Mon, 12 Feb 2024 18:32:12 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x91, components 3\012- data
Hash 942645aa38217530592c2ddec876c66f
e6678f70693758c4b3661707bb5c0cae694f014f
96f4cbd5d56d2ebadb0f21e3131540da90df9676706b6cefededf86be93820c9
GET /logos/0000/9104/header_for_signature_2014_1419222173.jpg HTTP/1.1
Host: cascade.madmimi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://madmimi.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12638
last-modified: Mon, 22 Dec 2014 04:23:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 23 Sep 2023 16:35:16 GMT
expires: Tue, 23 Dec 2014 02:56:43 GMT
etag: "942645aa38217530592c2ddec876c66f"
x-cache: RefreshHit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ONvgoUOM5OsKOLWDK12LQ52KmZUCrkHkuXJffv6TJBpRNt2MYnrF2g==
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
200 OK 12 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type JSON data\012- , ASCII text, with very long lines (15990), with no line terminators
Hash 6f5d96f15b1a12997182dd548a93c522
ea0b8010ed0904641340b2419945b9c50701ab4e
c4a739c8d7e25834fd9b4118d3696abd95d20c401d21c58ca983010ba15f12d0
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://organizingmadefun.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 23 Sep 2023 16:35:15 GMT
server: cafe
content-length: 12065
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
472 B IP
Hash 5f51b90d588da5830fe2f42925d6bced
27e4e2138921def351cd58994edaf1bbeb26b60a
448968bd0ef2587926e2ffc64e36cbfa8590fa30880e143dabfba31ea5f98199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
Fingerprint51:2A:C5:84:C9:49:F8:BA:3F:D9:82:0E:BA:01:C7:D5:36:C2:BA:64
ValidityMon, 04 Sep 2023 08:22:41 GMT - Mon, 27 Nov 2023 08:22:40 GMT
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 23 Sep 2023 16:35:15 GMT
expires: Sat, 23 Sep 2023 16:35:15 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash 1d3d22df067f5219073f9c0fabb74fdd
d5c226022639323d93946df3571404116041e588
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 10:32:29 GMT
expires: Sun, 22 Sep 2024 10:32:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 21766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash ec7e4fa5141f5c291141f904d913eb18
a1d02556789afef84c5c74b80eb45cd1604c3c70
9d7147857b1d24f497c88bbb8edb50fa9e27d8abbf81a4156bb5f97cfaf977aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 16:35:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
15 kB URL pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (37385)
Hash a325f5c00749f9340329610f4d80371b
41126a232c6859b49eab99a0a269fcb56a3f01ef
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
GET /bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 18:54:58 GMT
expires: Thu, 19 Sep 2024 18:54:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 250817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=4203706650009073&rc=
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=4203706650009073&rc=
IP
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=4203706650009073&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.godaddy.com/
2.1 kB IP
Hash 3e83d0a07a82fcb1cd61b87351761349
2a48e06a2a449be90b2e30c4d27d105893f5e527
53fe9bcaca696691cdfd4f124d69a6521080bb8c5e6d6c04e1125e6143f9b4a5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 23 Sep 2023 16:35:15 GMT
Content-Type: application/ocsp-response
Content-Length: 2107
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 22 Sep 2023 22:58:15 GMT
Expires: Sat, 23 Sep 2023 22:58:15 GMT
ETag: "2a48e06a2a449be90b2e30c4d27d105893f5e527"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tpc.googlesyndication.com/generate_204?OI6NTQ
0 B URL tpc.googlesyndication.com/generate_204?OI6NTQ
IP
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
Fingerprint51:2A:C5:84:C9:49:F8:BA:3F:D9:82:0E:BA:01:C7:D5:36:C2:BA:64
ValidityMon, 04 Sep 2023 08:22:41 GMT - Mon, 27 Nov 2023 08:22:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?OI6NTQ HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 16:35:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=4203706650009073&bg=!9fal9rnNAAYrDsWMCw47ADQBe5WfOE-yqdNFTxbHgHIzMK8m4HQ6UcndCHnqRVSk2LefyccofT5s7Cb4yLVzf_f6wneyAgAAAUlSAAAAHWgBB5kCfBoyZumzqwj__7lsH_dMEedN3l7jdQpdb0uWe4Orec2GcMRLqrUwHl6Z-tAOqSZaxJfGWIdwQ1C2R7vSr_gUr9SheVrBi4GSMf7S4-MtzQzW8LzUL769QWPDM9bcfek5u0vOq8RlCM-mtMwmR-IZlg65MUbcL4jaqoQeJ22Z6Jh8s6UbG_VapRNoaSgUCzOmIooLueQWzL8JidUvV9Kg2VozXVec4QEzj7WVTr3wA5_Y07MIDEH592OWoeUKqXNvi9bOxiCGbb32SKWC0ks_RI19XNsCgQVLa4NcdDpABnaelOYt6IQGvHIX2RczQueaBfNMtzYAsMzNk5sgWLQ0PIfoI_HGjedlGytYQCvhwXmfF1_aY1LYsFHIq_2Y0JGqYaZReEySz97CbKVaNuS_hqYWJaZRwxpJKI-i3r3Rkt0jKt_kayFFMLlBbWHo463vKtUjPeQGqMNkwrK8TPqZMyHufmLFY_UABIU0wdyljJ9EGvlwBkGVVlhb7PKGeZnhXYkpdwjTsO4_K8hocq59j5L3mC_PB_4EkngGN8TfOctZfYSk9LRs16V-a_G2VVJdNGEeYp4muxM5nimnMVICPpVEwumCQGoyqVhE2Y7irbC3CKEgtDfMu-SSYsEAPsg2msupsb-mdmTMUbKI49_tjGYbNpwJv_9Xd1VkE2bBS1jj9A9XvIAIX2I15nCYJSJGSlt4uf7kfVcb1-_UMcdR79t4uUZTxAieJVlTfCvkMvlrpYLgdjgEWQ5UYVPaH2HNt0qXURaev17yRafiJ8aLo9axmlwmzc6RqAR617Kc9wPRuPVewtS5tLoTZ_hTC2GwuQRTiHSGYyaMSZP05Q
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=4203706650009073&bg=!9fal9rnNAAYrDsWMCw47ADQBe5WfOE-yqdNFTxbHgHIzMK8m4HQ6UcndCHnqRVSk2LefyccofT5s7Cb4yLVzf_f6wneyAgAAAUlSAAAAHWgBB5kCfBoyZumzqwj__7lsH_dMEedN3l7jdQpdb0uWe4Orec2GcMRLqrUwHl6Z-tAOqSZaxJfGWIdwQ1C2R7vSr_gUr9SheVrBi4GSMf7S4-MtzQzW8LzUL769QWPDM9bcfek5u0vOq8RlCM-mtMwmR-IZlg65MUbcL4jaqoQeJ22Z6Jh8s6UbG_VapRNoaSgUCzOmIooLueQWzL8JidUvV9Kg2VozXVec4QEzj7WVTr3wA5_Y07MIDEH592OWoeUKqXNvi9bOxiCGbb32SKWC0ks_RI19XNsCgQVLa4NcdDpABnaelOYt6IQGvHIX2RczQueaBfNMtzYAsMzNk5sgWLQ0PIfoI_HGjedlGytYQCvhwXmfF1_aY1LYsFHIq_2Y0JGqYaZReEySz97CbKVaNuS_hqYWJaZRwxpJKI-i3r3Rkt0jKt_kayFFMLlBbWHo463vKtUjPeQGqMNkwrK8TPqZMyHufmLFY_UABIU0wdyljJ9EGvlwBkGVVlhb7PKGeZnhXYkpdwjTsO4_K8hocq59j5L3mC_PB_4EkngGN8TfOctZfYSk9LRs16V-a_G2VVJdNGEeYp4muxM5nimnMVICPpVEwumCQGoyqVhE2Y7irbC3CKEgtDfMu-SSYsEAPsg2msupsb-mdmTMUbKI49_tjGYbNpwJv_9Xd1VkE2bBS1jj9A9XvIAIX2I15nCYJSJGSlt4uf7kfVcb1-_UMcdR79t4uUZTxAieJVlTfCvkMvlrpYLgdjgEWQ5UYVPaH2HNt0qXURaev17yRafiJ8aLo9axmlwmzc6RqAR617Kc9wPRuPVewtS5tLoTZ_hTC2GwuQRTiHSGYyaMSZP05Q
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=4203706650009073&bg=!9fal9rnNAAYrDsWMCw47ADQBe5WfOE-yqdNFTxbHgHIzMK8m4HQ6UcndCHnqRVSk2LefyccofT5s7Cb4yLVzf_f6wneyAgAAAUlSAAAAHWgBB5kCfBoyZumzqwj__7lsH_dMEedN3l7jdQpdb0uWe4Orec2GcMRLqrUwHl6Z-tAOqSZaxJfGWIdwQ1C2R7vSr_gUr9SheVrBi4GSMf7S4-MtzQzW8LzUL769QWPDM9bcfek5u0vOq8RlCM-mtMwmR-IZlg65MUbcL4jaqoQeJ22Z6Jh8s6UbG_VapRNoaSgUCzOmIooLueQWzL8JidUvV9Kg2VozXVec4QEzj7WVTr3wA5_Y07MIDEH592OWoeUKqXNvi9bOxiCGbb32SKWC0ks_RI19XNsCgQVLa4NcdDpABnaelOYt6IQGvHIX2RczQueaBfNMtzYAsMzNk5sgWLQ0PIfoI_HGjedlGytYQCvhwXmfF1_aY1LYsFHIq_2Y0JGqYaZReEySz97CbKVaNuS_hqYWJaZRwxpJKI-i3r3Rkt0jKt_kayFFMLlBbWHo463vKtUjPeQGqMNkwrK8TPqZMyHufmLFY_UABIU0wdyljJ9EGvlwBkGVVlhb7PKGeZnhXYkpdwjTsO4_K8hocq59j5L3mC_PB_4EkngGN8TfOctZfYSk9LRs16V-a_G2VVJdNGEeYp4muxM5nimnMVICPpVEwumCQGoyqVhE2Y7irbC3CKEgtDfMu-SSYsEAPsg2msupsb-mdmTMUbKI49_tjGYbNpwJv_9Xd1VkE2bBS1jj9A9XvIAIX2I15nCYJSJGSlt4uf7kfVcb1-_UMcdR79t4uUZTxAieJVlTfCvkMvlrpYLgdjgEWQ5UYVPaH2HNt0qXURaev17yRafiJ8aLo9axmlwmzc6RqAR617Kc9wPRuPVewtS5tLoTZ_hTC2GwuQRTiHSGYyaMSZP05Q HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 16:35:16 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/aframe
200 OK 829 B URL GET HTTP/2 www.google.com/recaptcha/api2/aframe
IP
Requested by https://organizingmadefun.blogspot.com/search/label/pet
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (853), with no line terminators
Hash ea97e1ee454c020b5b9e6cd315914408
2ba875d4d0a1bf3b5dd7faa0c948d032cb948517
46c04b5ad4628f7bb2194ec8c3b346985b35654adcd31a0da9b108d668d65722
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://organizingmadefun.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Sep 2023 16:35:15 GMT
date: Sat, 23 Sep 2023 16:35:15 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-7wmqAoLjmJU9gRjOPnmFcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
172.217.21.161
0.0.0.0