urlquery - report: givealwyes.blogspot.am/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
www.logo.wine (1)	693345	2019-12-03T03:24:48Z	2023-03-24T08:40:13Z	416	952	188.114.96.1
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413	5881	34.160.144.191
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606	127	35.164.39.216
fonts.googleapis.com (2)	8877	2013-06-10T22:14:26Z	2023-03-25T00:27:50Z	1165	8190	142.250.74.106
r3.o.lencr.org (7)	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	2366	6207	23.36.76.226
classic.clickfunnels.com (3)	0	2022-10-26T20:44:01Z	2023-03-25T00:17:20Z	1381	116115	104.16.12.194
fonts.gstatic.com (3)	0	2014-09-09T02:40:21Z	2023-03-25T03:38:01Z	1493	50451	142.250.74.35
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	2705	45249	34.120.237.76
images.clickfunnels.com (2)	95357	2014-10-08T22:00:42Z	2023-03-25T00:30:04Z	1416	60075	104.16.12.194
app.clickfunnels.com (3)	34727	2015-03-12T09:40:23Z	2023-03-25T05:38:41Z	1636	184465	104.16.12.194
static.cloudflareinsights.com (1)	1294	2019-09-24T16:34:56Z	2023-03-25T05:10:21Z	471	393	104.16.57.101
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782	2372	35.241.9.150
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333	391	34.117.237.239
givealwyes.blogspot.am (1)	0			354	608	142.250.74.1
givealwyes.blogspot.com (2)	0	2023-01-20T02:31:49Z	2023-03-17T22:14:19Z	808	13346	142.250.74.1
ocsp.pki.goog (8)	175	2018-07-01T08:43:07Z	2023-03-25T05:09:34Z	2744	5598	142.250.74.131
www.clickfunnels.com (3)	51002	2014-10-08T22:01:35Z	2023-03-25T00:30:03Z	1171	2118	172.64.148.75
use.fontawesome.com (2)	942	2017-01-30T05:43:25Z	2023-03-25T05:09:03Z	813	1724	172.64.133.15

Scan Date	Severity	Indicator	Comment
2023-03-12	medium	givealwyes.blogspot.com/	Phishing
2023-03-12	medium	givealwyes.blogspot.com/	Phishing

Date	UQ / IDS / BL	URL	IP
2023-06-09 21:39:25 UTC	0 - 0 - 2	videouyt.blogspot.com.co/	142.250.74.1
2023-06-09 21:38:25 UTC	0 - 0 - 10	security-page-community-standards.blogspot.ba/	142.250.74.1
2023-06-09 21:25:24 UTC	0 - 0 - 1	xnxxvideo2a.blogspot.ae/	142.250.74.1
2023-06-09 21:25:06 UTC	0 - 0 - 1	realmadridvsbarcelonawalpaper.blogspot.ru/201 (...)	142.250.74.1
2023-06-09 21:25:02 UTC	0 - 0 - 1	maykoupal.blogspot.ie/	142.250.74.1

Date	UQ / IDS / BL	URL	IP
2023-06-09 21:43:18 UTC	0 - 0 - 1	104.199.240.237	104.199.240.237
2023-06-09 21:42:57 UTC	0 - 0 - 1	sekretarsha.blogspot.com/search/label/%C3%83% (...)	172.217.21.161
2023-06-09 21:42:32 UTC	0 - 0 - 8	gamekiemhieponline.blogspot.cz/2015/04/tai-ga (...)	172.217.21.161
2023-06-09 21:42:35 UTC	0 - 0 - 2	eqeqwesdsadasdsa.blogspot.mk/	172.217.21.161
2023-06-09 21:42:27 UTC	0 - 0 - 1	fvcedwsfvcwsdf.blogspot.fi/	172.217.21.161

Date	UQ / IDS / BL	URL	IP
2023-03-12 16:25:08 UTC	0 - 0 - 2	givealwyes.blogspot.am/	142.250.74.1

Date	UQ / IDS / BL	URL	IP
2023-04-04 16:06:11 UTC	0 - 0 - 3	cashmoney621.blogspot.co.id/	216.58.207.193
2023-04-01 18:19:03 UTC	0 - 0 - 3	giveway033.blogspot.sg/	142.250.74.33
2023-03-29 14:31:42 UTC	0 - 0 - 2	cashmoney621.blogspot.lt/	172.217.21.161
2023-03-29 13:40:01 UTC	0 - 0 - 3	giveway033.blogspot.com.mt/	172.217.21.161
2023-03-29 13:33:04 UTC	0 - 0 - 2	giveway033.blogspot.com.by/	142.250.74.65

JavaScript

Executed Scripts (16)

Executed Evals (2)

#1 JavaScript::Eval (size: 20304) - SHA256: 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77

function $d(d) {
    return document.getElementById(d)
}
var proc = location.protocol;
if (proc != 'https:') {
    proc = 'http:'
}
var _image_path = proc + '//addthisevent.com/gfx/icon-calendar-t1.png';
var _ate_license = '';
var _ate_mouse = false;
var _ate_css = 'true';
var _ate_callback = '';
var _ate_dropdown = '';
var _ate_lbl_outlook = 'Outlook Calendar';
var _ate_lbl_google = 'Google Calendar';
var _ate_lbl_yahoo = 'Yahoo Calendar';
var _ate_lbl_hotmail = 'Hotmail Calendar';
var _ate_lbl_ical = 'iCal Calendar';
var _ate_lbl_fb_event = 'Facebook Event';
var _ate_show_outlook = true;
var _ate_show_google = true;
var _ate_show_yahoo = true;
var _ate_show_hotmail = true;
var _ate_show_ical = true;
var _ate_show_facebook = true;
var _d_rd = false;
var _ate_btn_found = false;
var _ate_btn_expo = false;
var addthisevent = function() {
    var D = false,
        dropzcx = 1,
        olddrop = '',
        dropmousetim, css1 = false,
        css2 = false;
    return {
        generate: function() {
            try {
                _image_path = _image_path
            } catch (e) {
                _image_path = proc + '//addthisevent.com/gfx/icon-calendar-t1.png'
            }
            try {
                _ate_license = _license
            } catch (e) {}
            try {
                _ate_mouse = _mouse
            } catch (e) {}
            try {
                _ate_css = _css
            } catch (e) {}
            var b = addthisevent.glicense(_ate_license);
            var c = document.getElementsByTagName('*');
            for (var d = 0; d < c.length; d += 1) {
                var f = '',
                    fbevent = false,
                    str = c[d].className,
                    htmx = '';
                if (addthisevent.hasclass(c[d], 'addthisevent')) {
                    var g = c[d].getElementsByTagName('span');
                    for (var m = 0; m < g.length; m += 1) {
                        if (addthisevent.hasclass(g[m], '_url')) {
                            g[m].style.display = 'none'
                        }
                        if (addthisevent.hasclass(g[m], '_start')) {
                            g[m].style.display = 'none';
                            f += '&dstart=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_end')) {
                            g[m].style.display = 'none';
                            f += '&dend=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_zonecode')) {
                            g[m].style.display = 'none';
                            f += '&dzone=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_summary')) {
                            g[m].style.display = 'none';
                            f += '&dsum=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_description')) {
                            g[m].style.display = 'none';
                            f += '&ddesc=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_location')) {
                            g[m].style.display = 'none';
                            f += '&dloca=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_organizer')) {
                            g[m].style.display = 'none';
                            f += '&dorga=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_organizer_email')) {
                            g[m].style.display = 'none';
                            f += '&dorgaem=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_attendees')) {
                            g[m].style.display = 'none';
                            f += '&datte=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_all_day_event')) {
                            g[m].style.display = 'none';
                            f += '&dallday=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_date_format')) {
                            g[m].style.display = 'none';
                            f += '&dateformat=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_alarm_reminder')) {
                            g[m].style.display = 'none';
                            f += '&alarm=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_recurring')) {
                            g[m].style.display = 'none';
                            f += '&drule=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_uid')) {
                            g[m].style.display = 'none';
                            f += '&uid=' + encodeURIComponent(addthisevent.htmlencode(g[m].innerHTML))
                        }
                        if (addthisevent.hasclass(g[m], '_facebook_event')) {
                            if (g[m].innerHTML != '') {
                                g[m].style.display = 'none';
                                var h = g[m].innerHTML.replace(/ /gi, "");
                                f += '&fbevent=' + encodeURIComponent(h);
                                fbevent = true
                            }
                        }
                    }
                    if (b) {
                        f += '&credits=false'
                    }
                    f = f.replace(/'/gi, "�");
                    if (_ate_dropdown != '') {
                        _ate_dropdown = _ate_dropdown + ',';
                        _ate_dropdown = _ate_dropdown.replace(/ /gi, '');
                        var i = _ate_dropdown.split(',');
                        for (var a = 0; a < i.length; a += 1) {
                            if (_ate_show_outlook && i[a] == 'outlook') {
                                htmx += '<span class="ateoutlook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'outlook\',\'' + f + '\');">' + _ate_lbl_outlook + '</span>'
                            }
                            if (_ate_show_google && i[a] == 'google') {
                                htmx += '<span class="ategoogle" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'google\',\'' + f + '\');">' + _ate_lbl_google + '</span>'
                            }
                            if (_ate_show_yahoo && i[a] == 'yahoo') {
                                htmx += '<span class="ateyahoo" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'yahoo\',\'' + f + '\');">' + _ate_lbl_yahoo + '</span>'
                            }
                            if (_ate_show_hotmail && i[a] == 'hotmail') {
                                htmx += '<span class="atehotmail" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'hotmail\',\'' + f + '\');">' + _ate_lbl_hotmail + '</span>'
                            }
                            if (_ate_show_ical && i[a] == 'ical') {
                                htmx += '<span class="ateical" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'ical\',\'' + f + '\');">' + _ate_lbl_ical + '</span>'
                            }
                            if (fbevent && i[a] == 'facebook') {
                                if (_ate_show_facebook && i[a] == 'facebook') {
                                    htmx += '<span class="atefacebook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'facebook\',\'' + f + '\');">' + _ate_lbl_fb_event + '</span>'
                                }
                            }
                        }
                    } else {
                        if (_ate_show_outlook) {
                            htmx += '<span class="ateoutlook" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'outlook\',\'' + f + '\');">' + _ate_lbl_outlook + '</span>'
                        }
                        if (_ate_show_google) {
                            htmx += '<span class="ategoogle" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'google\',\'' + f + '\');">' + _ate_lbl_google + '</span>'
                        }
                        if (_ate_show_yahoo) {
                            htmx += '<span class="ateyahoo" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'yahoo\',\'' + f + '\');">' + _ate_lbl_yahoo + '</span>'
                        }
                        if (_ate_show_hotmail) {
                            htmx += '<span class="atehotmail" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'hotmail\',\'' + f + '\');">' + _ate_lbl_hotmail + '</span>'
                        }
                        if (_ate_show_ical) {
                            htmx += '<span class="ateical" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'ical\',\'' + f + '\');">' + _ate_lbl_ical + '</span>'
                        }
                        if (fbevent) {
                            if (_ate_show_facebook) {
                                htmx += '<span data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'facebook\',\'' + f + '\');">' + _ate_lbl_fb_event + '</span>'
                            }
                        }
                    }
                    if (!b) {
                        htmx += '<em class="copyx"><em class="brx"></em><em class="frs" data-ref="' + dropzcx + '" onclick="addthisevent.cli(this,\'home\');">AddThisEvent</em></em>'
                    }
                    c[d].id = 'atedrop' + dropzcx;
                    c[d].className = c[d].className.replace(/addthisevent/gi, '');
                    c[d].className = c[d].className + ' addthisevent-drop';
                    c[d].title = '';
                    var j = c[d].getAttribute('data-direct');
                    if (j) {
                        c[d].setAttribute('data-url', f);
                        c[d].setAttribute('data-ref', dropzcx);
                        c[d].onclick = function() {
                            addthisevent.direct(this);
                            return false
                        }
                    } else {
                        if (_ate_mouse) {
                            c[d].onmouseover = function() {
                                clearTimeout(dropmousetim);
                                addthisevent.show(this, 'auto', 'auto', true)
                            };
                            c[d].onmouseout = function() {
                                dropmousetim = setTimeout("addthisevent.out();", 200)
                            };
                            c[d].onclick = function() {
                                return false
                            }
                        } else {
                            c[d].onclick = function() {
                                addthisevent.show(this, 'auto', 'auto');
                                return false
                            }
                        }
                    }
                    var k = c[d];
                    var l = document.createElement('span');
                    l.id = 'atedrop' + dropzcx + '-drop';
                    l.className = 'addthisevent_dropdown';
                    l.innerHTML = htmx;
                    k.appendChild(l);
                    dropzcx++;
                    _ate_btn_found = true
                }
            }
            if (_ate_css == 'false') {
                addthisevent.trycss()
            } else {
                addthisevent.applycss(b)
            }
            if (_ate_btn_found && !_ate_btn_expo) {
                _ate_btn_expo = true;
                addthisevent.track({
                    typ: 'exposure',
                    cal: ''
                })
            }
        },
        direct: function(f) {
            var a = f.getAttribute('data-url');
            var b = f.getAttribute('data-direct');
            addthisevent.cli(f, b, a)
        },
        cli: function(f, a, b) {
            var c = '',
                ref = location.href,
                nw = true,
                now = new Date();
            if (a == 'outlook') {
                c = proc + '//addthisevent.com/create/?service=OUTLOOK' + b + '&reference=' + ref;
                nw = false
            }
            if (a == 'google') {
                c = proc + '//addthisevent.com/create/?service=GOOGLE' + b + '&reference=' + ref
            }
            if (a == 'yahoo') {
                c = proc + '//addthisevent.com/create/?service=YAHOO' + b + '&reference=' + ref
            }
            if (a == 'hotmail') {
                c = proc + '//addthisevent.com/create/?service=HOTMAIL' + b + '&reference=' + ref
            }
            if (a == 'ical') {
                c = proc + '//addthisevent.com/create/?service=ICAL' + b + '&reference=' + ref;
                nw = false
            }
            if (a == 'facebook') {
                c = proc + '//addthisevent.com/create/?service=FACEBOOK' + b + '&reference=' + ref
            }
            if (a == 'home') {
                c = proc + '//addthisevent.com/'
            }
            if (c != '') {
                if (a != 'home') {
                    var d = f.getAttribute('data-ref');
                    var g = $d('atedrop' + d);
                    if (g) {
                        var h = g.getAttribute('data-track');
                        if (h != null) {
                            h = h.replace(/ate-calendar/gi, a);
                            try {
                                eval(h)
                            } catch (e) {}
                        }
                    }
                }
                if (!$d('atecllink')) {
                    var j = document.createElement("a");
                    j.id = 'atecllink';
                    j.rel = 'external';
                    j.innerHTML = '{addthisevent-ghost-link}';
                    j.style.display = 'none';
                    document.body.appendChild(j)
                }
                var k = $d('atecllink');
                if (nw) {
                    k.target = '_blank'
                } else {
                    k.target = '_self'
                }
                k.href = c;
                addthisevent.eclick('atecllink')
            }
            addthisevent.track({
                typ: 'click',
                cal: a
            });
            if (_ate_callback) {
                for (var i = 0; i < _ate_callback.length; i++) {
                    try {
                        eval(_ate_callback[i])
                    } catch (e) {
                        alert(e.description)
                    }
                }
            }
        },
        applycss: function(a) {
            if (!css2) {
                var b;
                b = '.addthisevent-drop {display:inline-block;position:relative;font-family:arial;color:#333!important;background:#f4f4f4 url(' + _image_path + ') no-repeat 9px 50%;text-decoration:none!important;border:1px solid #d9d9d9;color:#555;font-weight:bold;font-size:14px;text-decoration:none;padding:9px 12px 8px 35px;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-touch-callout:none;-webkit-user-select:none;-khtml-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;}';
                b += '.addthisevent-drop:hover {border:1px solid #aab9d4;color:#555;font-weight:bold;font-size:14px;text-decoration:none!important;}';
                b += '.addthisevent-drop:active {top:1px;}';
                b += '.addthisevent-selected {background-color:#f7f7f7;}';
                if (a) {
                    b += '.addthisevent_dropdown {width:200px;position:absolute;z-index:99999;padding:0px 0px 0px 0px;background:#fff;text-align:left;display:none;margin-top:-2px;margin-left:-1px;border-top:1px solid #c8c8c8;border-right:1px solid #bebebe;border-bottom:1px solid #a8a8a8;border-left:1px solid #bebebe;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-box-shadow:1px 3px 6px rgba(0,0,0,0.15);-moz-box-shadow:1px 3px 6px rgba(0,0,0,0.15);box-shadow:1px 3px 6px rgba(0,0,0,0.15);}'
                } else {
                    b += '.addthisevent_dropdown {width:200px;position:absolute;z-index:99999;padding:6px 0px 0px 0px;background:#fff;text-align:left;display:none;margin-top:-2px;margin-left:-1px;border-top:1px solid #c8c8c8;border-right:1px solid #bebebe;border-bottom:1px solid #a8a8a8;border-left:1px solid #bebebe;-moz-border-radius:2px;-webkit-border-radius:2px;-webkit-box-shadow:1px 3px 6px rgba(0,0,0,0.15);-moz-box-shadow:1px 3px 6px rgba(0,0,0,0.15);box-shadow:1px 3px 6px rgba(0,0,0,0.15);}'
                }
                b += '.addthisevent_dropdown span {display:block;cursor:pointer;line-height:110%;background:#fff;text-decoration:none;font-size:12px;color:#6d84b4;padding:8px 10px 9px 15px;}';
                b += '.addthisevent_dropdown span:hover {background:#f4f4f4;color:#6d84b4;text-decoration:none;font-size:12px;}';
                b += '.addthisevent span {display:none!important;}';
                b += '.addthisevent-drop ._url,.addthisevent-drop ._start,.addthisevent-drop ._end,.addthisevent-drop ._zonecode,.addthisevent-drop ._summary,.addthisevent-drop ._description,.addthisevent-drop ._location,.addthisevent-drop ._organizer,.addthisevent-drop ._organizer_email,.addthisevent-drop ._facebook_event,.addthisevent-drop ._all_day_event {display:none!important;}';
                b += '.addthisevent_dropdown .copyx {width:200px;height:21px;display:block;position:relative;cursor:default;}';
                b += '.addthisevent_dropdown .brx {width:180px;height:1px;overflow:hidden;background:#e0e0e0;position:absolute;z-index:100;left:10px;top:9px;}';
                b += '.addthisevent_dropdown .frs {position:absolute;top:5px;cursor:pointer;right:10px;padding-left:10px;font-style:normal;font-weight:normal;text-align:right;z-index:101;line-height:110%;background:#fff;text-decoration:none;font-size:9px;color:#cacaca;}';
                b += '.addthisevent_dropdown .frs:hover {color:#999!important;}';
                var c = document.createElement("style");
                c.type = "text/css";
                c.id = "ate_css";
                if (c.styleSheet) {
                    c.styleSheet.cssText = b
                } else {
                    c.appendChild(document.createTextNode(b))
                }
                document.getElementsByTagName("head")[0].appendChild(c);
                css2 = true
            }
        },
        trycss: function() {
            if (!css1) {
                try {
                    var a = '.addthisevent {visibility:hidden;}';
                    a += '.addthisevent-drop ._url,.addthisevent-drop ._start,.addthisevent-drop ._end,.addthisevent-drop ._zonecode,.addthisevent-drop ._summary,.addthisevent-drop ._description,.addthisevent-drop ._location,.addthisevent-drop ._organizer,.addthisevent-drop ._organizer_email,.addthisevent-drop ._attendees,.addthisevent-drop ._facebook_event,.addthisevent-drop ._all_day_event {display:none!important;}';
                    var b = document.createElement("style");
                    b.type = "text/css";
                    if (b.styleSheet) {
                        b.styleSheet.cssText = a
                    } else {
                        b.appendChild(document.createTextNode(a))
                    }
                    document.getElementsByTagName("head")[0].appendChild(b)
                } catch (e) {}
                css1 = true;
                addthisevent.track({
                    typ: 'jsinit',
                    cal: ''
                })
            }
        },
        removecss: function() {
            try {
                return (hdx = $d('ate_css')) ? hdx.parentNode.removeChild(hdx) : false
            } catch (e) {}
        },
        show: function(f, o, a, b) {
            var c = f.id;
            var d = $d(c);
            var g = $d(c + '-drop');
            if (d && g) {
                if (olddrop != c) {
                    addthisevent.hide(olddrop)
                }
                var h = addthisevent.getstyle(g, 'display');
                try {
                    f.blur()
                } catch (e) {};
                if (h == 'block') {
                    if (b) {} else {
                        addthisevent.hide(c)
                    }
                } else {
                    olddrop = c;
                    d.className = d.className + ' addthisevent-selected';
                    d.style.zIndex = addthisevent.topzindex();
                    g.style.left = '0px';
                    g.style.top = '0px';
                    g.style.display = 'block';
                    setTimeout("addthisevent.tim();", 350);
                    D = false;
                    var i = parseInt(d.offsetHeight);
                    var j = parseInt(d.offsetWidth);
                    var k = parseInt(g.offsetHeight);
                    var l = parseInt(g.offsetWidth);
                    var m = addthisevent.viewport();
                    var n = m.split('/');
                    var p = parseInt(n[0]);
                    var q = parseInt(n[1]);
                    var r = parseInt(n[2]);
                    var s = parseInt(n[3]);
                    var t = addthisevent.elementposition(g);
                    var u = t.split('/');
                    var v = parseInt(u[0]);
                    var w = parseInt(u[1]);
                    var x = w + k;
                    var y = q + s;
                    var z = v + l;
                    var A = p + r;
                    var B = 0,
                        dropy = 0;
                    if (o == 'down' && a == 'left') {
                        B = '0px';
                        dropy = i + 'px'
                    } else if (o == 'up' && a == 'left') {
                        B = '0px';
                        dropy = -k + 'px'
                    } else if (o == 'down' && a == 'right') {
                        B = -(l - j) + 'px';
                        dropy = i + 'px'
                    } else if (o == 'up' && a == 'right') {
                        B = -(l - j) + 'px';
                        dropy = -k + 'px'
                    } else if (o == 'auto' && a == 'left') {
                        B = '0px';
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                    } else if (o == 'auto' && a == 'right') {
                        B = -(l - j) + 'px';
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                    } else {
                        if (x > y) {
                            dropy = -k + 'px'
                        } else {
                            dropy = i + 'px'
                        }
                        if (z > A) {
                            B = -(l - j) + 'px'
                        } else {
                            B = '0px'
                        }
                    }
                    g.style.left = B;
                    g.style.top = dropy;
                    var C = 'ontouchstart' in document.documentElement ? 'touchstart' : 'click';
                    if (document.addEventListener) {
                        document.addEventListener(C, function() {
                            if (D) {
                                setTimeout(function() {
                                    addthisevent.force(c)
                                }, 300)
                            }
                        }, false)
                    } else if (document.attachEvent) {
                        document.attachEvent("on" + C, function() {
                            if (D) {
                                setTimeout(function() {
                                    addthisevent.force(c)
                                }, 300)
                            }
                        })
                    } else {
                        document.onclick = function() {
                            addthisevent.force(c)
                        }
                    }
                }
            }
        },
        force: function(f) {
            var a = $d(f);
            var b = $d(f + '-drop');
            if (a && b) {
                if (D && b.style.display == 'block') {
                    setTimeout("addthisevent.hide('" + f + "');", 350)
                }
            }
        },
        out: function() {
            addthisevent.force(olddrop)
        },
        hide: function(f) {
            var a = $d(f);
            var b = $d(f + '-drop');
            if (a && b) {
                a.className = a.className.replace(/addthisevent-selected/gi, '');
                b.style.display = 'none';
                b.style.zIndex = ''
            }
        },
        tim: function() {
            D = true
        },
        topzindex: function() {
            var a = 99999;
            var b = document.getElementsByTagName('*');
            for (var d = 0; d < b.length; d += 1) {
                if (addthisevent.hasclass(b[d], 'addthisevent-drop') || addthisevent.hasclass(b[d], 'addeventstc-drop')) {
                    var c = addthisevent.getstyle(b[d], 'z-index');
                    if (!isNaN(parseFloat(c)) && isFinite(c)) {
                        c = parseInt(c);
                        if (c > a) {
                            a = c
                        }
                    }
                }
            }
            a++;
            return a
        },
        viewport: function() {
            var w = 0,
                h = 0,
                y = 0,
                x = 0;
            if (typeof(window.innerWidth) == 'number') {
                w = window.innerWidth;
                h = window.innerHeight
            } else if (document.documentElement && (document.documentElement.clientWidth || document.documentElement.clientHeight)) {
                w = document.documentElement.clientWidth;
                h = document.documentElement.clientHeight
            } else if (document.body && (document.body.clientWidth || document.body.clientHeight)) {
                w = document.body.clientWidth;
                h = document.body.clientHeight
            }
            if (document.all) {
                x = (document.documentElement.scrollLeft) ? document.documentElement.scrollLeft : document.body.scrollLeft;
                y = (document.documentElement.scrollTop) ? document.documentElement.scrollTop : document.body.scrollTop
            } else {
                x = window.pageXOffset;
                y = window.pageYOffset
            }
            return w + '/' + h + '/' + x + '/' + y
        },
        elementposition: function(a) {
            var x = 0,
                y = 0;
            if (a.offsetParent) {
                x = a.offsetLeft;
                y = a.offsetTop;
                while (a = a.offsetParent) {
                    x += a.offsetLeft;
                    y += a.offsetTop
                }
            }
            return x + '/' + y
        },
        getstyle: function(a, b) {
            var x = a;
            var y;
            if (x.currentStyle) {
                y = x.currentStyle[b]
            } else if (window.getComputedStyle) {
                y = document.defaultView.getComputedStyle(x, null).getPropertyValue(b)
            }
            return y
        },
        glicense: function(f) {
            var b = location.href;
            var c = true;
            var d = f;
            var e = d.length;
            if (e == 20) {
                var a = d.substring(0, 1);
                var z = d.substring(9, 10);
                var m = d.substring(17, 18);
                if (a != 'a') {
                    c = false
                }
                if (z != 'z') {
                    c = false
                }
                if (m != 'm') {
                    c = false
                }
            } else {
                c = false
            }
            if (b.indexOf('addthisevent.com') == -1 && d == 'aao8iuet5zp9iqw5sm9z') {
                c = false
            }
            return c
        },
        refresh: function() {
            var a = document.getElementsByTagName('*');
            for (var d = 0; d < a.length; d += 1) {
                if (addthisevent.hasclass(a[d], 'addthisevent-drop')) {
                    a[d].className = a[d].className.replace(/addthisevent-drop/gi, '');
                    a[d].className = a[d].className.replace(/addthisevent/gi, '');
                    a[d].className = a[d].className + ' addthisevent'
                }
            }
            _ate_btn_expo = false;
            addthisevent.generate()
        },
        callcack: function(f) {
            _ate_callback = f
        },
        setlabel: function(l, t) {
            var x = l.toLowerCase();
            if (x == 'outlook') {
                _ate_lbl_outlook = t
            }
            if (x == 'google') {
                _ate_lbl_google = t
            }
            if (x == 'yahoo') {
                _ate_lbl_yahoo = t
            }
            if (x == 'ical') {
                _ate_lbl_ical = t
            }
            if (x == 'facebookevent') {
                _ate_lbl_fb_event = t
            }
        },
        settings: function(c) {
            if (c.license != undefined) {
                _ate_license = c.license
            }
            if (c.css != undefined) {
                if (c.css) {
                    _ate_css = 'true'
                } else {
                    _ate_css = 'false';
                    addthisevent.removecss()
                }
            }
            if (c.mouse != undefined) {
                _ate_mouse = c.mouse
            }
            if (c.outlook != undefined) {
                if (c.outlook.show != undefined) {
                    _ate_show_outlook = c.outlook.show
                }
            }
            if (c.google != undefined) {
                if (c.google.show != undefined) {
                    _ate_show_google = c.google.show
                }
            }
            if (c.yahoo != undefined) {
                if (c.yahoo.show != undefined) {
                    _ate_show_yahoo = c.yahoo.show
                }
            }
            if (c.hotmail != undefined) {
                if (c.hotmail.show != undefined) {
                    _ate_show_hotmail = c.hotmail.show
                }
            }
            if (c.ical != undefined) {
                if (c.ical.show != undefined) {
                    _ate_show_ical = c.ical.show
                }
            }
            if (c.facebook != undefined) {
                if (c.facebook.show != undefined) {
                    _ate_show_facebook = c.facebook.show
                }
            }
            if (c.outlook != undefined) {
                if (c.outlook.text != undefined) {
                    _ate_lbl_outlook = c.outlook.text
                }
            }
            if (c.google != undefined) {
                if (c.google.text != undefined) {
                    _ate_lbl_google = c.google.text
                }
            }
            if (c.yahoo != undefined) {
                if (c.yahoo.text != undefined) {
                    _ate_lbl_yahoo = c.yahoo.text
                }
            }
            if (c.hotmail != undefined) {
                if (c.hotmail.text != undefined) {
                    _ate_lbl_hotmail = c.hotmail.text
                }
            }
            if (c.ical != undefined) {
                if (c.ical.text != undefined) {
                    _ate_lbl_ical = c.ical.text
                }
            }
            if (c.facebook != undefined) {
                if (c.facebook.text != undefined) {
                    _ate_lbl_fb_event = c.facebook.text
                }
            }
            if (c.dropdown != undefined) {
                if (c.dropdown.order != undefined) {
                    _ate_dropdown = c.dropdown.order
                }
            }
            if (c.callback != undefined) {
                _ate_callback = c.callback
            }
        },
        hasclass: function(e, c) {
            return new RegExp('(\\s|^)' + c + '(\\s|$)').test(e.className)
        },
        htmlencode: function(a) {
            var b = a.replace(/<br\s*[\/]?>/gi, "\n");
            b = b.replace(/<(?:.|\n)*?>/gm, '');
            b = b.replace(/(^\s+|\s+$)/g, '');
            var c = document.createElement("div");
            var d = document.createTextNode(b);
            c.appendChild(d);
            return c.innerHTML
        },
        eclick: function(a) {
            var b = document.getElementById(a);
            if (b.click) {
                b.click()
            } else if (document.createEvent) {
                var c = document.createEvent('MouseEvents');
                c.initEvent('click', true, true);
                b.dispatchEvent(c)
            }
        },
        track: function(a) {
            var b = new Image(1, 1);
            var d = new Date();
            var c = d.getTime();
            var e = encodeURIComponent(window.location.href);
            b.src = proc + '//track.addevent.com/atc/?trktyp=' + a.typ + '&trkcal=' + a.cal + '&guid=' + addthisevent.getguid() + '&url=' + e + '&cache=' + c
        },
        getguid: function() {
            var a = "addevent_track_cookie=",
                coov = '';
            var b = document.cookie.split(';');
            for (var i = 0; i < b.length; i++) {
                var c = b[i];
                while (c.charAt(0) == ' ') {
                    c = c.substring(1, c.length)
                }
                if (c.indexOf(a) == 0) {
                    coov = c.substring(a.length, c.length)
                }
            }
            if (coov == '') {
                var d = (addthisevent.s4() + addthisevent.s4() + "-" + addthisevent.s4() + "-4" + addthisevent.s4().substr(0, 3) + "-" + addthisevent.s4() + "-" + addthisevent.s4() + addthisevent.s4() + addthisevent.s4()).toLowerCase();
                var e = new Date();
                e.setTime(e.getTime() + (365 * 24 * 60 * 60 * 1000));
                var f = "expires=" + e.toUTCString();
                document.cookie = "addevent_track_cookie=" + d + "; " + f;
                coov = d
            }
            return coov
        },
        s4: function() {
            return (((1 + Math.random()) * 0x10000) | 0).toString(16).substring(1)
        }
    }
}();
if (window.addEventListener) {
    window.addEventListener("DOMContentLoaded", function() {
        _d_rd = true;
        addthisevent.trycss();
        addthisevent.generate()
    }, false);
    window.addEventListener("load", function() {
        addthisevent.generate()
    }, false)
} else if (window.attachEvent) {
    window.attachEvent("onreadystatechange", function() {
        _d_rd = true;
        addthisevent.trycss();
        addthisevent.generate()
    });
    window.attachEvent("onload", function() {
        addthisevent.generate()
    })
} else {
    window.onload = function() {
        addthisevent.generate()
    }
}
if (!_d_rd) {
    setTimeout("addthisevent.trycss();addthisevent.generate();", 20)
}

#2 JavaScript::Eval (size: 119) - SHA256: c86f169f0657c6b92313fe640219830c515fbe6ac9107b6fb87e43c97faf8deb

createCookie('is_eu', false);
createCookie('nyq46n18ktg80yag', true, 365);
createCookie('11341740_viewed_5', '1', 365);

Executed Writes (0)

HTTP Transactions (48)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BDEF4E5EDFE0BF3FEFB4DC5625E41F3FAEB23A0AFD24C4E6255F40F757568C35" Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5165 Expires: Sun, 12 Mar 2023 17:51:02 GMT Date: Sun, 12 Mar 2023 16:24:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 405abd45d42535567c1ecb518f4bdb04 Sha1: 0505c27fe2921bfa89657173fb77ca7280f04772 Sha256: bdef4e5edfe0bf3fefb4dc5625e41f3faeb23a0afd24c4e6255f40f757568c35
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "370104DF5DD8F739601A4BE42AE41BB92F365DCF585823A3C14733F7C394E926" Last-Modified: Sun, 12 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19931 Expires: Sun, 12 Mar 2023 21:57:08 GMT Date: Sun, 12 Mar 2023 16:24:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 234b80a5a27f3d377e322e680413479d Sha1: 3da8ba535ec19898f5b83ece48cd4038ac2bf557 Sha256: 370104df5dd8f739601a4be42ae41bb92f365dcf585823a3c14733f7c394e926
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 12 Mar 2023 16:13:59 GMT age: 658 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 7f03faaba3392caae6dae54467bfdf6d Sha1: 57ea1f14e8bfbcca8190c706d708c9fda12442c1 Sha256: 02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B" Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10426 Expires: Sun, 12 Mar 2023 19:18:43 GMT Date: Sun, 12 Mar 2023 16:24:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1a564ae484daef6a82bb08116ad794eb Sha1: f75350abf28a42c16324901035889a1f3af700a1 Sha256: 225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 5syd2KYrC4jEA+fH9CCBewpltzM5TjhM9nKavJ9IKKLtgaFeb030A1HktY5zkb+4POqObpjyoaw= x-amz-request-id: S545S43VB8GW25CM x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 12 Mar 2023 16:19:46 GMT age: 311 last-modified: Sat, 18 Feb 2023 20:28:27 GMT etag: "b5ba6334e73496995e3e3a9ecd0eb323" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: b5ba6334e73496995e3e3a9ecd0eb323 Sha1: ad80d3b7718c28364e8c2004fb38a13a1747e462 Sha256: aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 12 Mar 2023 16:24:57 GMT content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: givealwyes.blogspot.am User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	142.250.74.1 HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Location: http://givealwyes.blogspot.com/ Content-Encoding: gzip Date: Sun, 12 Mar 2023 16:24:57 GMT Expires: Sun, 12 Mar 2023 16:24:57 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 179 Server: GSE --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 179 Md5: 187ec7cbdadb203aa0083ff8bc7e3ff7 Sha1: 08c8c4a3d9eac6b8d123b7b12e4a87747783a3f6 Sha256: 4dcf56bd795c399cf568647cf0d674941a21f7fff19d1f622da31a0a1d0e1969
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Pragma, Last-Modified, ETag, Retry-After, Cache-Control, Content-Type, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 12 Mar 2023 16:12:32 GMT age: 745 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET / HTTP/1.1 Host: givealwyes.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	142.250.74.1 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Location: https://givealwyes.blogspot.com/ Content-Encoding: gzip Date: Sun, 12 Mar 2023 16:24:57 GMT Expires: Sun, 12 Mar 2023 16:24:57 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block Content-Length: 179 Server: GSE --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 179 Md5: 2a4ea7795f597f06c62a9e4cc1798967 Sha1: 81c05163331397d193c2e554fbabf288b38b590e Sha256: 5cabaf835b734208c4521bf2154b44e8271b8cee5499eefeba90d5bc35e32d60 Blocklists: - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 5ef96e6f9c6366d423a02be120c118aa Sha1: a66aba5963b2a7cb2d64e8b580bcf7b8147c534c Sha256: c70a73701100ded860145e7ff35f8c0d8368274247d718197e053325073470eb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5C910268B5C4F0244540C5570056673F8CBE4A0979F301363CB56DC359C147DF" Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5237 Expires: Sun, 12 Mar 2023 17:52:14 GMT Date: Sun, 12 Mar 2023 16:24:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: db27ecc2f481e8871b2e99584e751660 Sha1: e671ecb839d53e296f4ec303208ddb713c72aecc Sha256: 5c910268b5c4f0244540c5570056673f8cbe4a0979f301363cb56dc359c147df
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: smyA81BrdbFfWOAe7YQXPw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.164.39.216 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: v4lOYO0kJ9Ud3eV3dkEGzybq6QM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: givealwyes.blogspot.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	142.250.74.1 HTTP/2 200 OK content-type: text/html; charset=UTF-8 expires: Sun, 12 Mar 2023 16:24:58 GMT date: Sun, 12 Mar 2023 16:24:58 GMT cache-control: private, max-age=0 last-modified: Sun, 15 Jan 2023 23:27:18 GMT etag: W/"e0072095e25e693962ee4c37df66be98a91c2a272c9edfd160ddc71bb3b7f005" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 12245 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1971) Size: 12245 Md5: 293428001e8b27b128a18d344f5b49a7 Sha1: 3410fb566ce558e43b5854d1d89c4e906ff5cf07 Sha256: a8da5364d6c6bee7a52a2971d3b903babd1a41647939d1c2adce1ec2f0a80f62 Blocklists: - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:58 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 5ef96e6f9c6366d423a02be120c118aa Sha1: a66aba5963b2a7cb2d64e8b580bcf7b8147c534c Sha256: c70a73701100ded860145e7ff35f8c0d8368274247d718197e053325073470eb
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:58 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c5612c5131d59819b60bcd3123fbe1e Sha1: 86f82bfa3a20987ac256d2efd06dc95c0df285e8 Sha256: 00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:58 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0dcb64c2f1edc4c2d8e81718261281ee Sha1: d9429f940ff33d9176fc94eb759ecb3d0f83ada5 Sha256: 4aac98d2ea104410ee557819e78e3b041d1d3dba64b1f7768a685ada4143df94
GET /assets/lander.js HTTP/1.1 Host: www.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.64.148.75 HTTP/2 302 Found date: Sun, 12 Mar 2023 16:24:58 GMT content-length: 0 location: https://classic.clickfunnels.com/assets/lander.js set-cookie: __cf_bm=aEpUtfdyl7iJ5S6rIwoHgNsz1n0g9dFqDp9wxEhYTNc-1678638298-0-AUl1q3v6mp/g9a+Q15z7zXVNRpAci/T1ImR9+XQewwPBIIBkGdJ54XlGUhlifuia2H5CVV60rPgSu0CW77XdVfQ=; path=/; expires=Sun, 12-Mar-23 16:54:58 GMT; domain=.www.clickfunnels.com; HttpOnly; Secure; SameSite=None vary: Accept-Encoding server: cloudflare cf-ray: 7a6d63f77be3b517-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:58 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c5612c5131d59819b60bcd3123fbe1e Sha1: 86f82bfa3a20987ac256d2efd06dc95c0df285e8 Sha256: 00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
GET /assets/lander.css HTTP/1.1 Host: www.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.64.148.75 HTTP/2 302 Found date: Sun, 12 Mar 2023 16:24:58 GMT content-length: 0 location: https://classic.clickfunnels.com/assets/lander.css set-cookie: __cf_bm=GADzoX1.4xwAMv49WwwnQb_QedV5Jz5SE_zY4wACy2A-1678638298-0-AVUe5MRRwceYqoyKe8elQdtMXGVX91R9j1LYa7XzIe59xo90I3Q728jUXKrhP7EnMDf/zfjLFwKe65lhBLTZLc8=; path=/; expires=Sun, 12-Mar-23 16:54:58 GMT; domain=.www.clickfunnels.com; HttpOnly; Secure; SameSite=None vary: Accept-Encoding server: cloudflare cf-ray: 7a6d63f77bddb517-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c11248ad196c57fdf878000b4591a416 Sha1: f86236c890bcceaf313e5021bf8ef6669688ea77 Sha256: 550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c11248ad196c57fdf878000b4591a416 Sha1: f86236c890bcceaf313e5021bf8ef6669688ea77 Sha256: 550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
GET /assets/lander.css HTTP/1.1 Host: classic.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://givealwyes.blogspot.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 200 OK content-type: text/css date: Sun, 12 Mar 2023 16:24:58 GMT cf-ray: 7a6d63f7fc78b4f3-OSL access-control-allow-origin: * age: 431 cache-control: public, max-age=1200 etag: W/"64066306-6a514" expires: Sun, 12 Mar 2023 16:44:58 GMT last-modified: Mon, 06 Mar 2023 22:02:46 GMT strict-transport-security: max-age=0 vary: Accept-Encoding cf-cache-status: HIT access-control-allow-credentials: true access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-max-age: 1728000 set-cookie: __cf_bm=cBzmtoeSLipJIjQmrfpDhnJ9lMyqoul_N95daUSNNOw-1678638298-0-AZdCl87y+DEyDsxiHaSFQkgxrdWiftpdbxLEPLsDCoUye4v7kOwKZvPPcLrKgn+CPFObQl821EQTgLfjZLoAhGmrWZa4M/63KjhYOFIqWqv/; path=/; expires=Sun, 12-Mar-23 16:54:58 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with very long lines (53232) Size: 107296 Md5: 1d4d1012496f1f5ea2dc508d02f5f9c4 Sha1: 16db8faa1a8e5db2c3e25b04c782f17ef0e3ed0f Sha256: 780f9baa2103b8740accb88901559feeb85b4fa6761300b4ab0c378a6f934591
GET /s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://givealwyes.blogspot.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16348 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 Mar 2023 12:07:34 GMT expires: Fri, 08 Mar 2024 12:07:34 GMT cache-control: public, max-age=31536000 age: 274645 last-modified: Mon, 09 May 2022 18:31:32 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 16348, version 1.0\012- data Size: 16348 Md5: 8dc707b4818131fab44d482b1db5d458 Sha1: 8a0ff82b12fa25391ce17a6ae069d7fe5002f12d Sha256: 9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 12 Mar 2023 16:24:59 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c11248ad196c57fdf878000b4591a416 Sha1: f86236c890bcceaf313e5021bf8ef6669688ea77 Sha256: 550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
GET /assets/pushcrew.js HTTP/1.1 Host: app.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	104.16.12.194 HTTP/2 200 OK content-type: application/x-javascript date: Sun, 12 Mar 2023 16:24:58 GMT cf-ray: 7a6d63f77b11b4f3-OSL access-control-allow-origin: * age: 626 cache-control: public, max-age=1200 etag: W/"64066305-27d" expires: Sun, 12 Mar 2023 16:44:58 GMT last-modified: Mon, 06 Mar 2023 22:02:45 GMT strict-transport-security: max-age=0 vary: Accept-Encoding cf-cache-status: HIT access-control-allow-credentials: true access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-max-age: 1728000 set-cookie: __cf_bm=1FGeWzpYhPW5U1ZSVlRNq_ToPp43ldR0jVDjTYa5WUY-1678638298-0-ATqQKoRZpY0waHDxc8tlnDnzCh+8lalZszQ5Lv1AzkVFARY5phCOkgZmcLVLqSprbF/sOPfoCTYoNQCU8ZXwWOHnGVbCe75nPJpLrx7CYAWY; path=/; expires=Sun, 12-Mar-23 16:54:58 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (637), with no line terminators Size: 182002 Md5: 8187e9ba919042e4e37197aa6707db86 Sha1: 22becb64b6df5b904f0d40e3a7001f37a7ea1da7 Sha256: 2f2983c1c57f02253851b738ad227a49354baa661505427723b31133b71ce6b9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818" Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10404 Expires: Sun, 12 Mar 2023 19:18:23 GMT Date: Sun, 12 Mar 2023 16:24:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2573307db8caef0a070ba3ebd4f61e2e Sha1: 28e8cb63280e9b5e4184017cb22aa5f197007450 Sha256: 87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818" Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10404 Expires: Sun, 12 Mar 2023 19:18:23 GMT Date: Sun, 12 Mar 2023 16:24:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2573307db8caef0a070ba3ebd4f61e2e Sha1: 28e8cb63280e9b5e4184017cb22aa5f197007450 Sha256: 87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818" Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10404 Expires: Sun, 12 Mar 2023 19:18:23 GMT Date: Sun, 12 Mar 2023 16:24:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2573307db8caef0a070ba3ebd4f61e2e Sha1: 28e8cb63280e9b5e4184017cb22aa5f197007450 Sha256: 87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 12 Mar 2023 16:24:58 GMT date: Sun, 12 Mar 2023 16:24:58 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 6930 Md5: 7d83840f4c38bef02fcaa13c92f8a41c Sha1: 053436b23c126d17b22f3beda86568fbab6acc94 Sha256: ee6a3657b7e0014ea16b648019249436f24411650fb8c85759e544b1a75548f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6dda5706-64c5-467d-9645-a46dedb81818.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6053 x-amzn-requestid: 5f306311-ac84-4ce2-b9c2-6af31c110062 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Bosb-FD5oAMFwJw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf44c-61fea28e45516fad0d30cf65;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: gE_WoxZmuEc9mzbWmh3tMo_UshbjeTGIdbA8xew7ZB44sigj9fR3cw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 22:09:20 GMT age: 65739 etag: "eada4a4de40e5035173bb18ee51aacd624b8b169" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6053 Md5: 6a4d6ee7d459e2a9b742d0dbca932998 Sha1: eada4a4de40e5035173bb18ee51aacd624b8b169 Sha256: 2e6eef4f452ef3700d4c9d06e8c3bf8999e077e24c332ab4670edd0884839d38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd79ce52-61f2-47b0-a88d-03f2fe3aa889.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8845 x-amzn-requestid: b556bc0e-9cf5-4062-9df4-0ccee00cbab2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BoswFH5soAMF2SQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf4cd-0ba8e60549c78f9d3b720a20;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: NkwWf1xpGvLrLBG0HbYXV5VH69eG_pxwZtI2-Kp_pilWEmUywXihGQ== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 22:15:44 GMT etag: "6e2c08457854437b2b851340277d31439e5ab470" age: 65355 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8845 Md5: 2fd5c28821c8bf2d62d0c4332f06bd71 Sha1: 6e2c08457854437b2b851340277d31439e5ab470 Sha256: 86725a37e80a10c5b0b52a10e498225d97565752ec25303cb159a34386a49523
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8487 x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BkEcBGizoAMFgOA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0 x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:42:25 GMT age: 67354 etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8487 Md5: be71491cee9b47dc3ffb23b4fdff25b3 Sha1: 79c7d22c8df6d305f46c5779ccb9f25169d4d111 Sha256: e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfe3b026-408f-4d8a-8fbd-5c6ae59ab237.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5381 x-amzn-requestid: 6507e3ee-6ce1-46d3-89d7-409b6d7000f2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BosvnHK_IAMFdkQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf4ca-3d2fb61641f8b1212fc60c8c;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:18 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: NkNRsBnupSmAJQk4lWdlmuZBFtNai49WoU6vDJCj1pkH2MJ-Qx0hjQ== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 21:40:56 GMT age: 67443 etag: "35866e5d26ee25485d090011a1d50ec603d6761b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5381 Md5: ebf97627ec9fd083bf5c22de39a524b5 Sha1: 35866e5d26ee25485d090011a1d50ec603d6761b Sha256: 0b518329364fb793881cb0ff5ef464ecc4cd90c3694dcb7cfef40d0958446a14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae3c2980-a44e-45c6-a99d-629945594f8f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11176 x-amzn-requestid: 8f3332e2-954e-4c35-96c9-390e257f5451 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BosvyFdeIAMF3MA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640cf4cb-3869435d54341ff376a91d06;Sampled=0 x-amzn-remapped-date: Sat, 11 Mar 2023 21:38:19 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: JdyxGvD16BjZNkG6J1b5pDwb4kJcyDZBDJAPi793Hxf3tP3VPm6Izw== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google date: Sat, 11 Mar 2023 22:01:01 GMT age: 66238 etag: "c08733caed5383a2790e0760a889a6e545753105" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11176 Md5: 56954902055f7b634773a3cf27cec213 Sha1: c08733caed5383a2790e0760a889a6e545753105 Sha256: 16aa87074a92c80776c901da479e182fff8e81600d0a026b1e8c2ca38033b4fb
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://givealwyes.blogspot.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 08 Mar 2023 13:15:37 GMT expires: Thu, 07 Mar 2024 13:15:37 GMT cache-control: public, max-age=31536000 age: 356962 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://givealwyes.blogspot.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 07 Mar 2023 13:09:06 GMT expires: Wed, 06 Mar 2024 13:09:06 GMT cache-control: public, max-age=31536000 age: 443753 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /cf.js HTTP/1.1 Host: classic.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://givealwyes.blogspot.com/ Connection: keep-alive Cookie: __cf_bm=cirIPRcFL.PgVVZFM7zXoLQmZQ0u.5MD5aJ665KopKs-1678638298-0-AUFF/SuA0W8ioMQ8M8rOqOzxG70oDdX+/5OoatecWx2cVSi/+xqYxoYzB/xE8tNg/Lpy9DlcT9i3HxBw1Vbftl8Leipu23zc+6AaQQzk/w6C Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 200 OK content-type: application/x-javascript date: Sun, 12 Mar 2023 16:24:59 GMT cf-ray: 7a6d63fccb17b4f3-OSL access-control-allow-origin: * age: 1488 etag: W/"64066305-476a" last-modified: Mon, 06 Mar 2023 22:02:45 GMT strict-transport-security: max-age=0 vary: Accept-Encoding cf-cache-status: HIT access-control-allow-credentials: true access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-max-age: 1728000 server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 6109 Md5: 871303f02083e5cf67d69a89d41b37b3 Sha1: 7c8bbe0a4f5852b3b24b7dd487dcbf4da8988e9e Sha256: ab148199a6080c65634d2eda29bcce25702f303a2bd07cb55e03109cb7213c3d
GET /cdn-cgi/image/fit=scale-down,width=525,quality=75/https://images.clickfunnels.com/e1/01732557a8495dae440ef867ac90d2/750.png HTTP/1.1 Host: images.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Cookie: __cf_bm=cirIPRcFL.PgVVZFM7zXoLQmZQ0u.5MD5aJ665KopKs-1678638298-0-AUFF/SuA0W8ioMQ8M8rOqOzxG70oDdX+/5OoatecWx2cVSi/+xqYxoYzB/xE8tNg/Lpy9DlcT9i3HxBw1Vbftl8Leipu23zc+6AaQQzk/w6C Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 200 OK content-type: image/png date: Sun, 12 Mar 2023 16:24:59 GMT content-length: 55125 cf-ray: 7a6d63fd2c38b4f3-OSL accept-ranges: bytes cache-control: max-age=2073600 etag: "cfGQ5dyR66HDEHzLtV8dqeX1yyaVCHp4lle0D_wzXqDQ:55e31ea68c70c4a67ee1101514058fd0" last-modified: Tue, 08 Mar 2022 06:01:59 GMT vary: Accept, Accept-Encoding cf-cache-status: HIT cf-bgj: imgq:88,h2pri cf-resized: internal=ok/r q=0 n=63+0 c=6+53 v=2023.3.0 l=55125 content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options: nosniff server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 525 x 262, 8-bit colormap, non-interlaced\012- data Size: 55125 Md5: e84f275282dbf682330ead693c084551 Sha1: d7ed184d7c8e7643aa220d450e6df0f16a79156e Sha256: 4db730c6c301807a63a6bb0b63709face35d4986911b712a3aa7a70e563f4a87
GET /cdn-cgi/image/fit=scale-down,width=1100,quality=75/https://images.clickfunnels.com/25/359622a0f246f3bf1dc8d5201018fd/rr.png HTTP/1.1 Host: images.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Cookie: __cf_bm=cirIPRcFL.PgVVZFM7zXoLQmZQ0u.5MD5aJ665KopKs-1678638298-0-AUFF/SuA0W8ioMQ8M8rOqOzxG70oDdX+/5OoatecWx2cVSi/+xqYxoYzB/xE8tNg/Lpy9DlcT9i3HxBw1Vbftl8Leipu23zc+6AaQQzk/w6C Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 200 OK content-type: image/png date: Sun, 12 Mar 2023 16:24:59 GMT content-length: 3714 cf-ray: 7a6d63fd2c3ab4f3-OSL accept-ranges: bytes cache-control: max-age=2073600 etag: "cfHt5sWAzQX6GCWbI6qI8D5tygVGDYLeeOe329FwKjDQ:33951935a02e1fe912c9730e0fe53157" last-modified: Sun, 13 Mar 2022 07:13:01 GMT vary: Accept, Accept-Encoding cf-cache-status: REVALIDATED cf-bgj: imgq:100,h2pri cf-resized: internal=ok/h q=0 n=25+0 c=0+8 v=2023.3.0 l=3714 content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options: nosniff server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 240 x 190, 8-bit colormap, non-interlaced\012- data Size: 3714 Md5: 0d7eedef0399d6cdd173487c59516543 Sha1: 41fd661ba9b6c05febd53048e446e500b7e8346a Sha256: 06f58c361406af4043a38cc2c68e981e2b9b206372568e96c2ec4d7645c11b6e
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://givealwyes.blogspot.com Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	104.16.57.101 HTTP/2 200 OK content-type: text/javascript;charset=UTF-8 date: Sun, 12 Mar 2023 16:24:58 GMT access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/2021.12.0 last-modified: Fri, 21 Oct 2022 01:56:09 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 7a6d63f7088bb51d-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /cf.js HTTP/1.1 Host: app.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Cookie: __cf_bm=cirIPRcFL.PgVVZFM7zXoLQmZQ0u.5MD5aJ665KopKs-1678638298-0-AUFF/SuA0W8ioMQ8M8rOqOzxG70oDdX+/5OoatecWx2cVSi/+xqYxoYzB/xE8tNg/Lpy9DlcT9i3HxBw1Vbftl8Leipu23zc+6AaQQzk/w6C Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 301 Moved Permanently content-type: text/html date: Sun, 12 Mar 2023 16:24:59 GMT location: https://www.clickfunnels.com/cf.js cf-ray: 7a6d63fbd814b4f3-OSL age: 1047 strict-transport-security: max-age=0 vary: Accept-Encoding cf-cache-status: HIT server: cloudflare X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /releases/v5.9.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.64.133.15 HTTP/2 200 OK content-type: text/css date: Sun, 12 Mar 2023 16:24:58 GMT x-amz-id-2: D5Mo7exQT5WqZ1JWwMwvE+13saBvWzx81R04KHDQjke+Km4QbzD5I5t54BEw/JqTRB/hjVxPUSs= x-amz-request-id: 48X5PPB0148RGJHT last-modified: Wed, 30 Jun 2021 15:48:06 GMT etag: W/"dbf9d822cefe851ba6f66e1ad57e8987" cache-control: max-age=31556926 cf-cache-status: HIT age: 1134784 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcraO7u6hsDrbMn3Gi5henVi64UzUXs2icyEw%2F4B8BrVi7nOOUrAbWbOjnqUi0ZYu%2F8Fyd7fdNulQYzFVuKSUwaIm7%2FGTp7PaGupyAylvu%2BYG6%2FUXVA%2FeyPYbnuTtAToTIUxEYCi"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a6d63f78fdd756a-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.64.133.15 HTTP/2 200 OK content-type: text/css date: Sun, 12 Mar 2023 16:24:58 GMT x-amz-id-2: ChvavqXk4dTUCPMn6FkPgV+eEk+I8QeJyB2yWs6IlFvHBTzu99qI/vw5iTcAXbAfQrEFpY/Y1x8= x-amz-request-id: 48XFPJVPSZ46EFY4 last-modified: Wed, 30 Jun 2021 15:48:06 GMT etag: W/"e140a7d32f343530f016095df3cc2ae4" cache-control: max-age=31556926 cf-cache-status: HIT age: 1134784 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl0S9QYvPC%2FNjPTFYUqLSaX2c19ZqYv2U5g7hDgAJRgpGhNAPULHnVCQvEJWIz8N23fGr%2FzzROdf3EBXMx6EkmH1CNr1fAyvCsrwLMEAmD3yUXmetO%2BzTWxDE%2F9qiZ%2FD8GaTE1uD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a6d63f79ff3756a-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /v1/track?_unique=0.4788600504358407&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//givealwyes.blogspot.com/&_title=Cash%20Grab&_key=zxkf514&_page_key=nyq46n18ktg80yag&_fid=11341740&_fspos=5&_fvrs=1&_funnel_stat=0&_location=https://givealwyes.blogspot.com/&_referrer= HTTP/1.1 Host: app.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://givealwyes.blogspot.com Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 date: Sun, 12 Mar 2023 16:24:59 GMT cf-ray: 7a6d63fd3c46b4f3-OSL access-control-allow-origin: * cache-control: no-cache, no-store strict-transport-security: max-age=0 vary: Accept-Encoding cf-cache-status: BYPASS access-control-allow-credentials: true access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-max-age: 1728000 access-control-request-method: * status: 200 OK x-frame-options: ALLOWALL x-powered-by: Phusion Passenger Enterprise 6.0.7 x-rack-cache: miss x-request-id: 2c7ee3e6b13e88ef473d7c8040ff7aa5 x-runtime: 0.016433 set-cookie: __cf_bm=kNit7CGM3HL2bgCoiI1__lkRVHv4YiGtZCoGYTma6w0-1678638299-0-Aa/HjtV9klwQ99gn0OwaFwD2i8o2oYv4+pqxRxBegcNvB7BHTqQjA6J6EOQCCrGiot018t+FT8kP2q/KOTPOKTjthlDXrTzFZnsRPzHn666Y; path=/; expires=Sun, 12-Mar-23 16:54:59 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /css?family=sans-serif%7CQuattrocento%7Csans-serif%7CQuattrocento%7Csans-serif%7COxygen%7C%7C HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sun, 12 Mar 2023 16:24:58 GMT date: Sun, 12 Mar 2023 16:24:58 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /a/logo/Cash_App/Cash_App-Logo.wine.svg HTTP/1.1 Host: www.logo.wine User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	188.114.96.1 HTTP/2 200 OK content-type: image/svg+xml; charset=UTF-8 date: Sun, 12 Mar 2023 16:24:59 GMT x-oss-request-id: 6408550517DAE23834D72566 etag: W/"FFABEB6C7C760B02D43A5A13DFACC95D" last-modified: Thu, 23 Jan 2020 02:17:25 GMT x-oss-object-type: Normal x-oss-hash-crc64ecma: 4156017056676619292 x-oss-storage-class: Standard cache-control: public, max-age=315360000 content-md5: /6vrbHx2CwLUOloT36zJXQ== x-oss-server-time: 1 cf-cache-status: HIT age: 96713 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqNeWRGatF3SUOOYxuCTqfQbkQRMnIdG640ZJz%2BFMxgQtxeqtSElE8L6CIqcGN1Lb8DSrkjxR8sHRcU2uaAJf2CL52lNVrkNzcxfMqwNxVjo5SKoxZksv0RaK82iVCsR"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a6d63fd6a2fb4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /assets/lander.js HTTP/1.1 Host: classic.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://givealwyes.blogspot.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	104.16.12.194 HTTP/2 200 OK content-type: application/x-javascript date: Sun, 12 Mar 2023 16:24:58 GMT cf-ray: 7a6d63f7fc73b4f3-OSL access-control-allow-origin: * age: 468 cache-control: public, max-age=1200 etag: W/"64066359-2381fa" expires: Sun, 12 Mar 2023 16:44:58 GMT last-modified: Mon, 06 Mar 2023 22:04:09 GMT strict-transport-security: max-age=0 vary: Accept-Encoding cf-cache-status: HIT access-control-allow-credentials: true access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-max-age: 1728000 set-cookie: __cf_bm=cirIPRcFL.PgVVZFM7zXoLQmZQ0u.5MD5aJ665KopKs-1678638298-0-AUFF/SuA0W8ioMQ8M8rOqOzxG70oDdX+/5OoatecWx2cVSi/+xqYxoYzB/xE8tNg/Lpy9DlcT9i3HxBw1Vbftl8Leipu23zc+6AaQQzk/w6C; path=/; expires=Sun, 12-Mar-23 16:54:58 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /assets/userevents/application.js HTTP/1.1 Host: www.clickfunnels.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://givealwyes.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	172.64.148.75 HTTP/2 404 Not Found content-type: text/html; charset=utf-8 date: Sun, 12 Mar 2023 16:24:59 GMT cf-ray: 7a6d63f77bebb517-OSL strict-transport-security: max-age=15724800; includeSubDomains vary: Accept, Origin, Accept-Encoding cf-cache-status: HIT content-security-policy: frame-ancestors 'self' .marketing.ai .myclickfunnels.com; referrer-policy: strict-origin-when-cross-origin x-cf-header: 2.0 x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none x-request-id: 4972cb4cf4a5fd23f901423d3eed259f x-runtime: 0.094224 x-xss-protection: 1; mode=block set-cookie: __cf_bm=u5X9A78_m405agnl9BUaC0uL4jS9rfMHuduUPaHlrHU-1678638299-0-Afi9IY3gcV/0d1z6ddOGTxViDx6Orfd9BXTC673eL/+z+pR4G7IDJ0C7Oqp/aVZTkPxFx4f0waO11zu20LbFI6Q=; path=/; expires=Sun, 12-Mar-23 16:54:59 GMT; domain=.www.clickfunnels.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

URL	givealwyes.blogspot.am/
IP	142.250.74.1 (United States)
ASN	#15169 GOOGLE
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access	public
Report completed	2023-03-12 16:25:08 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (18)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.1

Last 5 reports on ASN: GOOGLE

Last 1 reports on domain: givealwyes.blogspot.am

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (2)

#1 JavaScript::Eval (size: 20304) - SHA256: 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77

#2 JavaScript::Eval (size: 119) - SHA256: c86f169f0657c6b92313fe640219830c515fbe6ac9107b6fb87e43c97faf8deb

Executed Writes (0)

HTTP Transactions (48)

Overview

Domain Summary (18)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.1

Last 5 reports on ASN: GOOGLE

Last 1 reports on domain: givealwyes.blogspot.am

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (2)

#1 JavaScript::Eval (size: 20304) - SHA256: 9c1ea695852f01d2fc6027d572b126b740a9c4634540fb0d39ea3656377eef77

#2 JavaScript::Eval (size: 119) - SHA256: c86f169f0657c6b92313fe640219830c515fbe6ac9107b6fb87e43c97faf8deb

Executed Writes (0)

HTTP Transactions (48)

Network Intrusion Detection Systems