r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2654
Expires: Sun, 25 Sep 2022 06:21:47 GMT
Date: Sun, 25 Sep 2022 05:37:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 05:14:51 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2ZRF4QZ7OjwA9CEIM60rbZXje7K9kfAvublXFC9Qfuccam_Dj9-VAg==
Age: 1362
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: guvzLm0SejoExDu3gvrg1Ni1xIBtE2XaW9s3kS6pk0daMtuxl3Z9-g==
age: 3739
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 05:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 05:06:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8Q31sxcC42SBZoooLmE0XIiTt1iazQcvljlqhL36CUql_PSZiFxdxA==
Age: 1997
garenafreefair01.blogspot.sk/
142.250.74.161 302 Moved Temporarily 182 B URL HTTP/1.1 garenafreefair01.blogspot.sk/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash bacbe7de8d2ab7133764f9baab42e648
1746759b5fd3691e0cc7a62fc97b54f4eaaa3ea7
e9cb09301ef5ffa8c12f689645d862c39a46a5725d17c615cdcfda7cfbb08ccb
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: garenafreefair01.blogspot.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://garenafreefair01.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 05:37:34 GMT
Expires: Sun, 25 Sep 2022 05:37:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4818
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:34 GMT
Last-Modified: Sun, 25 Sep 2022 04:17:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
garenafreefair01.blogspot.com/
142.250.74.161 301 Moved Permanently 183 B URL HTTP/1.1 garenafreefair01.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f0da0b453c3950ac0c74446e22d13fdc
01c1dbe79564909965e714d5e5c3ad20e13de890
acbbc6db0c43f671c056a434c38b5cee90307ec7560f20aaf6f50b33203d6765
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: garenafreefair01.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://garenafreefair01.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 05:37:34 GMT
Expires: Sun, 25 Sep 2022 05:37:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 183
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.42.74.230 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.74.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aAyVB0Z6Y8rLQRqP0j2fyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UovnxDihz22oXv3g5Vh2OkaFi0w=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
garenafreefair01.blogspot.com/responsive/sprite_v1_6.css.svg
142.250.74.161 200 OK 2.2 kB URL HTTP/2 garenafreefair01.blogspot.com/responsive/sprite_v1_6.css.svg
IP 142.250.74.161:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Hash 95c6fb790198cc0364925ea12e2bce11
371752558ef1ccaa9885db20be2d882dd1c15dab
a4f0e38c228313a0eb22ea4faeca14467732a9992e2b514a9a16b2717ab5d8b5
Analyzer Verdict Alert fortinet Phishing
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: garenafreefair01.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 02:17:06 GMT
expires: Sun, 02 Oct 2022 02:17:06 GMT
cache-control: public, max-age=604800
last-modified: Sat, 24 Sep 2022 21:54:52 GMT
content-type: image/svg+xml
age: 12029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
garenafreefair01.blogspot.com/
142.250.74.161 200 OK 28 kB URL HTTP/2 garenafreefair01.blogspot.com/
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60702)
Hash 3667f838e88bbab151c10fd978f940f3
e51e39303fb892cf07753f3be9c5f253d8b55000
c8b9ff744e85e6b17857dcb3a0342efcdfe91b25e3404c071d1447c986bcb9df
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: garenafreefair01.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 25 Sep 2022 05:37:35 GMT
date: Sun, 25 Sep 2022 05:37:35 GMT
cache-control: private, max-age=0
last-modified: Fri, 23 Sep 2022 22:49:16 GMT
etag: W/"e07bb0086368b9adfc9b236d9d2aa0d4ecca441946b9e078157c89d17a6924bc"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27722
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201 200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 04:10:30 GMT
expires: Mon, 25 Sep 2023 04:10:30 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 02:52:11 GMT
content-type: text/javascript
age: 5225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2853
Expires: Sun, 25 Sep 2022 06:25:09 GMT
Date: Sun, 25 Sep 2022 05:37:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2853
Expires: Sun, 25 Sep 2022 06:25:09 GMT
Date: Sun, 25 Sep 2022 05:37:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2853
Expires: Sun, 25 Sep 2022 06:25:09 GMT
Date: Sun, 25 Sep 2022 05:37:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2853
Expires: Sun, 25 Sep 2022 06:25:09 GMT
Date: Sun, 25 Sep 2022 05:37:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 716068d10c9e3a16d3a8e727992f71ec
f18edf7b5080b39e00bde335c16ca0f771428e8e
5991be1a009df210adc123f9f8081f669368a3a1891305717fc40ead172917a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b8b1112-7394-4d92-9fc1-54f8e005817f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10845
x-amzn-requestid: b819b750-c0b1-46b1-9e6c-010912fa87b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EzFpWoAMFxdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7884-3671ba9f0fc6b3e52e25f8a7;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F8HfbDS4Ki85iwI7IgBulH70M3NwK6_-lmATgGp2myUTSlJKCDiScw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:26 GMT
age: 28690
etag: "f18edf7b5080b39e00bde335c16ca0f771428e8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
raviral.com/host_style/style/img/logo.png
104.21.42.111 200 OK 56 kB URL HTTP/2 raviral.com/host_style/style/img/logo.png
IP 104.21.42.111:0
File type PNG image data, 440 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 14b1f20128404f86dc7fb9075927bd08
fac0c48a27b9704d04b829ec488fe96ed321fcac
c0f5abbb563d9cec88ae577a1fa530d2486635806dec6c34bc45f956a78abb11
GET /host_style/style/img/logo.png HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: image/png
content-length: 56253
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDQWnka6YnTm0AGRCobmDjZZzrdIAGAuDy4GxUUeLOnXNjcAmB5WzyfSdnQNJRsuBZ1rTlh4kyaQZQ582Hgck2DvRu5jxow%2BLgdzzt2QSYDpLOeqXJ4T0HSqNwUk4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168a6690f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bd3afd3069904500c28e9bb16587e8
a881666627e1077859ed1941cee576caf600d798
78a7b0a2127c583aba569abace503cff376cde67d5faa9a346c1494d91e8f3cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5172
x-amzn-requestid: d366d3e0-71d7-404c-a93b-3267852824ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_T5F5PoAMFqWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f78e5-52362b5f0dc1ee8951eebc07;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ean91lOEJLzLQFKy3gBuqD_G-BVw3SMuED20W6ixdkKYvVcMatdGJA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:23 GMT
age: 28693
etag: "a881666627e1077859ed1941cee576caf600d798"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 28817
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6m2265h0hSgCTluIqgbC-hSZiiyeqMR0qEwnYgXfjfxNa99trVEgA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 18:05:57 GMT
age: 41499
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu:400,700
142.250.74.10 200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu:400,700
IP 142.250.74.10:0
Hash 017f9ec51cc65af91a94086be1aea2b1
03f6fcca97035b4a1810ce1ce14c58eed7f44d4c
ad01f30614d21101b39a7cdf4b95f95ea3607ffb2ca95375d926e0a8ab49d01a
GET /css?family=Ubuntu:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 05:37:35 GMT
date: Sun, 25 Sep 2022 05:37:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gc7lA-XfgIAhotpUdrOaihuA2nbdMY2zNiJSHZpSN3yKPaT-k93auQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:07:29 GMT
age: 81007
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
raviral.com/host_style/style/img/resource-2-img.png
104.21.42.111 200 OK 7.2 kB URL HTTP/2 raviral.com/host_style/style/img/resource-2-img.png
IP 104.21.42.111:0
File type PNG image data, 69 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 79b502c8afd08497e33eda42ce8b1aae
1d93be54f68618238d48a3879d2a4eca3b356595
08b48f0726c94e688562eddfce3e34046c638751fd96962139c25978b2a7e5cc
GET /host_style/style/img/resource-2-img.png HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: image/png
content-length: 7213
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdXWET5ZteJ6sMerrViK2QTnlOpv%2BCXv0qANDQj1IR3eMLV%2F9b54t1C8I%2FWtC5gixdrGwNhjwmPjaNQQUYvjRURRSQbcSx8Ng1HOh%2B5IXt4YLZ1mP3WJIiE9Wxl5Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168a669111bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
142.250.74.163 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:28:55 GMT
expires: Thu, 21 Sep 2023 19:28:55 GMT
cache-control: public, max-age=31536000
age: 295721
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
142.250.74.163 200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:00:19 GMT
expires: Fri, 22 Sep 2023 07:00:19 GMT
cache-control: public, max-age=31536000
age: 254237
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 05:37:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
raviral.com/host_style/style/img/resource-1-img.png
104.21.42.111 200 OK 6.1 kB URL HTTP/2 raviral.com/host_style/style/img/resource-1-img.png
IP 104.21.42.111:0
File type PNG image data, 69 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash ed16e1547b2ca26f3cc85412656d34fd
c143ba764bdc61757f4739626b2525d608c7726e
c90e545792c8c53d341f35f49b6e6f206c0350a55040bbf354e674a92a630e29
GET /host_style/style/img/resource-1-img.png HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:38 GMT
content-type: image/png
content-length: 6128
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSj%2B2%2FTxlofqp4SgP2ZoYhbV3LjqldEQ3obCIbhLo8TgHRFSd4iLBYNypMqozLKvY%2BEr%2FKDyuBQmvhBn4jAj%2FPVXVo0ADpntECZRMwdBUszZSTM8tunQAS2VxZyUWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168a669101bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/img/platform.png
104.21.42.111 200 OK 26 kB URL HTTP/2 raviral.com/host_style/style/img/platform.png
IP 104.21.42.111:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash f5eda8432664a298068c709f8eb6c21a
3e59ff869492a383b4665d7b9264e4608e47a016
043a3242e30f5dd9d6a59b45fbd8c5579a0891443147f96af2a026fa22ce3e04
GET /host_style/style/img/platform.png HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:38 GMT
content-type: image/png
content-length: 25542
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idc8J9F%2FlCHBYPoRvwZYm%2FgIvohzgudaClN9jSBPkGKI8hf52pZrTKOYkYWu8i2Rmlkwf3hxYAzTfCoAI5q7%2B0Uql6LZhpNd4%2BfrgnLTHp4xKyIuA0bO0p1UUfLdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168a669131bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/img/player.png
104.21.42.111 200 OK 5.7 kB URL HTTP/2 raviral.com/host_style/style/img/player.png
IP 104.21.42.111:0
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Hash 731528c587b5851d4c0bbdf54c5612c9
4215a2bab3bf6cdcb4960a8c3062ceb054248d7b
c03ec161975b56698dfb6632cf05af74602316b6dbe49bc609d1f826822ce3c0
GET /host_style/style/img/player.png HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:39 GMT
content-type: image/png
content-length: 5735
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6K8lm0cdW4eBRiF8fJ2WuXj8uzmTAnJcqz0TqMz1We%2B4mI%2BzHwzEYvNMwMGpiE6u22F8xG%2FQQ4a9pJwq0wUN3g9RKpl5apsMGos8%2BElmt3mWE4mQh86aqwJ7PJuRLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168a669121bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61a386c86a3ec280912c735e052c4008
0740bae6f964bfa26ab2b7d91013c60ab2e9c12d
30e555d765a8f3175895279cb1ada3ea7267a0578fd05ecf9647de7f00bdee1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30E555D765A8F3175895279CB1ADA3EA7267A0578FD05ECF9647DE7F00BDEE1B"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3431
Expires: Sun, 25 Sep 2022 06:34:51 GMT
Date: Sun, 25 Sep 2022 05:37:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e27e4fb08edd2406c6125d46c83dc418
d88538018ab93cabcce8b429d2fab88f878c41eb
8cd8d4f4ce71f831ebfc64fd98282b02fdb27bb0566bc2e87f7b894dd3c7ff8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CD8D4F4CE71F831EBFC64FD98282B02FDB27BB0566BC2E87F7B894DD3C7FF8C"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1769
Expires: Sun, 25 Sep 2022 06:07:09 GMT
Date: Sun, 25 Sep 2022 05:37:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3823a2be66be2597ff7eb6d22e7cbc7
43062b6b902ca8d2d89ab925fd68ac9fbf04106d
e22534f24735ad10961b9794c54a615025ba88434b3208987f4ed19b7448de49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E22534F24735AD10961B9794C54A615025BA88434B3208987F4ED19B7448DE49"
Last-Modified: Fri, 23 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2901
Expires: Sun, 25 Sep 2022 06:26:01 GMT
Date: Sun, 25 Sep 2022 05:37:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c289ec8e6c779928a84be9aed64a70f
025cc04969376aa9c10e5fe22828b71a909d9ac8
b83340a7ce11f26ec1ae615fa3255f25cafce097d4aa4c36990960e2fc8eb083
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B83340A7CE11F26EC1AE615FA3255F25CAFCE097D4AA4C36990960E2FC8EB083"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7240
Expires: Sun, 25 Sep 2022 07:38:20 GMT
Date: Sun, 25 Sep 2022 05:37:40 GMT
Connection: keep-alive
pseepsie.com/zone?pub=0&zone_id=5396479&is_mobile=false&domain=garenafreefair01.blogspot.com&var=&ymid=&var_3=
139.45.197.250 200 OK 664 B URL HTTP/2 pseepsie.com/zone?pub=0&zone_id=5396479&is_mobile=false&domain=garenafreefair01.blogspot.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 35f887b1625180d82567b12c8694fa39
57d1c756f7f5b6229013673a31106d8dc0eb5fd9
10050f3f275ddc349a35c3dc38b8d9438f69fa038b0f38f972c0ac4a9fb010b2
GET /zone?pub=0&zone_id=5396479&is_mobile=false&domain=garenafreefair01.blogspot.com&var=&ymid=&var_3= HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: 9a6205e2fde58178842eb24fca9ad9ce
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tovanillitechan.com/42/38?z=5396478
139.45.197.239 200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=5396478
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /42/38?z=5396478 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Cookie: scm=1; OAID=5f9a5893389f4ec2bea6213df21ca4f4; oaidts=1664084260
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 199c6803bd5d13fc36d3c9a11cf630fa
access-control-expose-headers: X-Sc
set-cookie: OAID=5f9a5893389f4ec2bea6213df21ca4f4; expires=Mon, 25 Sep 2023 05:37:40 GMT; secure; SameSite=None
oaidts=1664084260; expires=Mon, 25 Sep 2023 05:37:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash af56ebb29d27fb6a049680fe85c8828b
235a3579a72192a6a1fc0366d6d8671e2630b9f5
68454f522f57ca84315459fbf178251544804533512e9bebb8a6e3f3bce12895
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 05:37:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 18:25:22 GMT
Expires: Thu, 29 Sep 2022 18:25:21 GMT
Etag: "235a3579a72192a6a1fc0366d6d8671e2630b9f5"
Cache-Control: max-age=391060,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750168c49e34b512-OSL
my.rtmark.net/gid.js?userId=e2de0be02b7f4290aa1806643cd9ee8d
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=e2de0be02b7f4290aa1806643cd9ee8d
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 96eb384e6f9c1b412ea81aa62c976a32
bcb5809caf0ca75323df1bed95865152a1d1c2d2
7bc9db620e9299531f8ae01dad3d955069d1ae75a04e52c85c5b83173db530e0
GET /gid.js?userId=e2de0be02b7f4290aa1806643cd9ee8d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e2de0be02b7f4290aa1806643cd9ee8d; expires=Mon, 25 Sep 2023 05:37:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a8ec9b0cda958f50ce8fd56fc578350
3a550a21aae0b4969b3b0432f597b863de2160c4
90dcf36ff7473bce9aba7370e520531dde85e6612de279b281b3485f7ebfa283
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90DCF36FF7473BCE9ABA7370E520531DDE85E6612DE279B281B3485F7EBFA283"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3333
Expires: Sun, 25 Sep 2022 06:33:13 GMT
Date: Sun, 25 Sep 2022 05:37:40 GMT
Connection: keep-alive
pseepsie.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Content-Type: application/json
Origin: https://garenafreefair01.blogspot.com
Content-Length: 395
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b4577b1a44a4fc2e0b8da3f7bf1d45a6
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=5396478&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=e2de0be02b7f4290aa1806643cd9ee8d
139.45.197.239 204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=5396478&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=e2de0be02b7f4290aa1806643cd9ee8d
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5396478&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=e2de0be02b7f4290aa1806643cd9ee8d HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/bootstrap.min.js
104.21.42.111 200 OK 26 kB URL HTTP/2 raviral.com/host_style/style/js/bootstrap.min.js
IP 104.21.42.111:0
File type ASCII text, with very long lines (32003), with CRLF line terminators
Hash 8e0989326d9ccc7da2b8413b286bbaee
5272f84421105f027fe24c8bc881009a19a6240c
3b552273ec57c01fe7b1b146f25c8e94d3d25ddf107f777f3255b56d10ef706d
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/bootstrap.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAu7Wd7iRJxP%2BBMbhxnSadsNSxNISfLs2qSQU%2FcYNLZkuob5eqSom3Ds3%2Bo0pxgjZgK1DVzEiCxjlh3bf7j51h8JJayTyuTQNEaMWPt4TGANLU9PyqNBldXZ%2FpsS0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659031bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 49e5ce5b845b02f2812fd5e0e90657ab
b25b1883b0f0e02956c3eb5beb98552f814ee6ab
626d35b4cb1b83b59e4ee11e274ba2e82d81a7357d085012401623d088bc3985
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 05:37:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 12:52:21 GMT
Expires: Thu, 29 Sep 2022 12:52:20 GMT
Etag: "b25b1883b0f0e02956c3eb5beb98552f814ee6ab"
Cache-Control: max-age=371078,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750168c7a87bb512-OSL
dozubatan.com/500/5396477?excludes=&oaid=e2de0be02b7f4290aa1806643cd9ee8d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/5396477?excludes=&oaid=e2de0be02b7f4290aa1806643cd9ee8d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
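Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(The three digests above are the MD5, SHA-1 and SHA-256 of empty input, consistent with the 0 B body; they match any empty response and are not content indicators.)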
OPTIONS /500/5396477?excludes=&oaid=e2de0be02b7f4290aa1806643cd9ee8d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/jquery.fitvids.js
104.21.42.111 200 OK 17 kB URL HTTP/2 raviral.com/host_style/style/js/jquery.fitvids.js
IP 104.21.42.111:0
File type HTML document, ASCII text, with very long lines (596)
Hash 392884c719afe8ab34e99a82a024f688
bbcd502465c22e4b893b912ad269c9be8f6f81d5
eec792ee318c5fe9c548c870cc6e5a259b4f570059ee4d9a8e2158a69d371204
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/jquery.fitvids.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3437
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbL%2BVwCGqJarBHNRCNRiWEremzug%2Btx%2B%2FG%2FVGeCo5eP0bAkdFZ%2FYJ6q0IXfDGcAVITdBLuLoZVRCVpq9M5l2X%2FB5BTIS0cPY6JzzLpPi1ipMzSBZKR%2FIl1u4H3330w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659071bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/validator.min.js
104.21.42.111 200 OK 18 kB URL HTTP/2 raviral.com/host_style/style/js/validator.min.js
IP 104.21.42.111:0
File type ASCII text, with very long lines (5862), with CRLF line terminators
Hash eb81b0914a63d07041865db029c68043
3ffe9ff5d3f32ae2f83f4bc76868ae14eea9651e
4cdc6adae7f8ef9045380feb75983be24fab0ca1d84a84af36876c762024dd63
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/validator.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLA3WM2hgQSeVibjFsyuAkk8WaNUgIPeMcdaH2ffcUUHlQBQN4akQN4DREGWYP6fq9DBwJbLHJpgJwVvk9uCSzBKKQgzKUg3eg1gzn0TxPPXqS2dyd9m29M18mW09w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659081bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://garenafreefair01.blogspot.com
Content-Length: 1526
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 25 Sep 2022 05:37:58 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://garenafreefair01.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
tovanillitechan.com/11?rnd=1633176227&z=5396478&b=14812988&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=FrXdOUD11BsN86fSQR8kEpI8GWpesO_4i0PIloHhkn1fdj3mtdOjolzl7kOSKDmRyd_Ji143DD4N9xVJAevCnQHnOh2ctMYxKikeLQWsp_lRss1zjUlzCQiMm9k9ToLam-Pjsx0UE0-WeCpQsowsPLEgN87xDBtjNWj28ijTduy5mcMxNTXL3j_dH7cJ5FEDrI9q1qEVwWwr8zbs391WhDRHOUcOcuSXrUes-0m7AiwBeNjhk9LSF3aAfV76uD413yF8o7Q9sa9P8cwY0m78BelJFS7ZgtlquTYOHnDPeY9E-bSeUN3Oaxp25lxr_wKCz__udUI9KllZVisCtFkngAiSO0YySyhDeDnN32BqaC5i2oJ52DRoFNAVGN4JQQwhRWgJdrh2xZncKdxtYIgZX2ugVTaWpxFjEpTEFIuMVwOAtI_UsgOIMagqwfOiLK287w5yrle2Gk1dqLnT1ixnlOLFvxfVzO7V0QfPnSDVfP0HKD3VyR1vWkH6iFSwIgo18vD-awHWqmK3G6-Q-dte_eil2wNkWdw1Ley_WSmQd7HIyEzX5AygRHSc6yaw7zp8c5FcigvzAOICfsRszsAyOikWZtZo8gIlpoYoElHz0Q4C8R2eGmPKtuGWYsQldD-pYqeVcp2i1tLYGFhSFJCF0g==&ruid=617a5e0b-c030-4c27-98c7-3570ea4c92c8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=145
139.45.197.239200 OK 0 B URL HTTP/2 tovanillitechan.com/11?rnd=1633176227&z=5396478&b=14812988&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=FrXdOUD11BsN86fSQR8kEpI8GWpesO_4i0PIloHhkn1fdj3mtdOjolzl7kOSKDmRyd_Ji143DD4N9xVJAevCnQHnOh2ctMYxKikeLQWsp_lRss1zjUlzCQiMm9k9ToLam-Pjsx0UE0-WeCpQsowsPLEgN87xDBtjNWj28ijTduy5mcMxNTXL3j_dH7cJ5FEDrI9q1qEVwWwr8zbs391WhDRHOUcOcuSXrUes-0m7AiwBeNjhk9LSF3aAfV76uD413yF8o7Q9sa9P8cwY0m78BelJFS7ZgtlquTYOHnDPeY9E-bSeUN3Oaxp25lxr_wKCz__udUI9KllZVisCtFkngAiSO0YySyhDeDnN32BqaC5i2oJ52DRoFNAVGN4JQQwhRWgJdrh2xZncKdxtYIgZX2ugVTaWpxFjEpTEFIuMVwOAtI_UsgOIMagqwfOiLK287w5yrle2Gk1dqLnT1ixnlOLFvxfVzO7V0QfPnSDVfP0HKD3VyR1vWkH6iFSwIgo18vD-awHWqmK3G6-Q-dte_eil2wNkWdw1Ley_WSmQd7HIyEzX5AygRHSc6yaw7zp8c5FcigvzAOICfsRszsAyOikWZtZo8gIlpoYoElHz0Q4C8R2eGmPKtuGWYsQldD-pYqeVcp2i1tLYGFhSFJCF0g==&ruid=617a5e0b-c030-4c27-98c7-3570ea4c92c8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=145
IP 139.45.197.239:0
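Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(The three digests above are the MD5, SHA-1 and SHA-256 of empty input, consistent with the 0 B body; they match any empty response and are not content indicators.)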
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1633176227&z=5396478&b=14812988&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=FrXdOUD11BsN86fSQR8kEpI8GWpesO_4i0PIloHhkn1fdj3mtdOjolzl7kOSKDmRyd_Ji143DD4N9xVJAevCnQHnOh2ctMYxKikeLQWsp_lRss1zjUlzCQiMm9k9ToLam-Pjsx0UE0-WeCpQsowsPLEgN87xDBtjNWj28ijTduy5mcMxNTXL3j_dH7cJ5FEDrI9q1qEVwWwr8zbs391WhDRHOUcOcuSXrUes-0m7AiwBeNjhk9LSF3aAfV76uD413yF8o7Q9sa9P8cwY0m78BelJFS7ZgtlquTYOHnDPeY9E-bSeUN3Oaxp25lxr_wKCz__udUI9KllZVisCtFkngAiSO0YySyhDeDnN32BqaC5i2oJ52DRoFNAVGN4JQQwhRWgJdrh2xZncKdxtYIgZX2ugVTaWpxFjEpTEFIuMVwOAtI_UsgOIMagqwfOiLK287w5yrle2Gk1dqLnT1ixnlOLFvxfVzO7V0QfPnSDVfP0HKD3VyR1vWkH6iFSwIgo18vD-awHWqmK3G6-Q-dte_eil2wNkWdw1Ley_WSmQd7HIyEzX5AygRHSc6yaw7zp8c5FcigvzAOICfsRszsAyOikWZtZo8gIlpoYoElHz0Q4C8R2eGmPKtuGWYsQldD-pYqeVcp2i1tLYGFhSFJCF0g==&ruid=617a5e0b-c030-4c27-98c7-3570ea4c92c8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=145 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Cookie: scm=1; OAID=e2de0be02b7f4290aa1806643cd9ee8d; oaidts=1664084260
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3c8bbc2c6edd65e498ea6cc11068855a
access-control-expose-headers: X-Sc
set-cookie: OAID=e2de0be02b7f4290aa1806643cd9ee8d; expires=Mon, 25 Sep 2023 05:37:41 GMT; secure; SameSite=None
set-cookie: oaidts=1664084260; expires=Mon, 25 Sep 2023 05:37:41 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png
172.67.22.216 200 OK 76 kB URL HTTP/2 offerimage.com/www/images/a563edd673308b2cd8cc1ec9c0543417.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash a563edd673308b2cd8cc1ec9c0543417
bff09cb9d8c3dadb244db8d24b6f58b8dfab6469
bbd22caad95af25c9ccf019fe7499c74743b7ef4eaceeffe0781c3f64f054b0c
GET /www/images/a563edd673308b2cd8cc1ec9c0543417.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:41 GMT
content-type: image/png
content-length: 76281
last-modified: Tue, 07 Jun 2022 21:58:32 GMT
etag: "629fca08-129f9"
expires: Mon, 26 Sep 2022 00:04:15 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 20006
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168c8af11b50b-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d773b216e1dfcc6d5bc5e0a3fdfe174
3361993fd3b389a19f30910645d0ceba555a87af
80fe11ed843f56d15024322ae3d3698efe0d0b9d04cd5e3efd4577550f25e7c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80FE11ED843F56D15024322AE3D3698EFE0D0B9D04CD5E3EFD4577550F25E7C2"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2401
Expires: Sun, 25 Sep 2022 06:17:42 GMT
Date: Sun, 25 Sep 2022 05:37:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d60144b96f72539719011cc71dcaa7c2
02a0962fe84b3466d77542f7b1b42a9efcc84479
814e75d1f248cd7bdc505fabec42b103880ed89329940be06d039b84d1f1b95f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "814E75D1F248CD7BDC505FABEC42B103880ED89329940BE06D039B84D1F1B95F"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13633
Expires: Sun, 25 Sep 2022 09:24:54 GMT
Date: Sun, 25 Sep 2022 05:37:41 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:03 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 298549381
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/universal.min.js?v=3.1.395
139.45.197.250 200 OK 72 kB URL HTTP/2 pseepsie.com/pfe/current/universal.min.js?v=3.1.395
IP 139.45.197.250:0
Hash d4aed34172c2f7a176751d150623cd52
b8a626aad570545511c64ca38e9fbbdcf29aff79
48b188639171cf65002c8f1a834efd9d55e11c1eb7921aeeb17d952f8c1f6f1d
GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=5396478&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=e2de0be02b7f4290aa1806643cd9ee8d
139.45.197.239 200 OK 59 kB URL HTTP/2 tovanillitechan.com/9?z=5396478&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=e2de0be02b7f4290aa1806643cd9ee8d
IP 139.45.197.239:0
Hash 69148fdc9dfb1a3db2fc1064992c38a8
2c43ec8e46d4dd2f8275dd5b00af7905be490328
7972be806a6fc462853f66e823885c70d340b4d58a1aeabcf667058361940b28
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5396478&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=e2de0be02b7f4290aa1806643cd9ee8d HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 281
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Cookie: scm=1; OAID=5f9a5893389f4ec2bea6213df21ca4f4; oaidts=1664084260
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 96d1ccbf1d9b5144480be942cb3dab85
access-control-expose-headers: X-Sc
set-cookie: OAID=e2de0be02b7f4290aa1806643cd9ee8d; expires=Mon, 25 Sep 2023 05:37:41 GMT; secure; SameSite=None
set-cookie: oaidts=1664084260; expires=Mon, 25 Sep 2023 05:37:41 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 986b5ec9070371f564599590660c967f
035d62ac46379e6b9a4a86975c8fc81052f9a2f8
357258fc3abbb14a97f6a79adcadcac3920f1f5c16dc66708522cce32f9d6266
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "357258FC3ABBB14A97F6A79ADCADCAC3920F1F5C16DC66708522CCE32F9D6266"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18457
Expires: Sun, 25 Sep 2022 10:45:18 GMT
Date: Sun, 25 Sep 2022 05:37:41 GMT
Connection: keep-alive
interstitial-07.com/?l=BsffwaFC63kXM5A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D125230900%26z%3D5396478%26b%3D14812988%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DFrXdOUD11BsN86fSQR8kEpI8GWpesO_4i0PIloHhkn1fdj3mtdOjolzl7kOSKDmRyd_Ji143DD4N9xVJAevCnQHnOh2ctMYxKikeLQWsp_lRss1zjUlzCQiMm9k9ToLam-Pjsx0UE0-WeCpQsowsPLEgN87xDBtjNWj28ijTduy5mcMxNTXL3j_dH7cJ5FEDrI9q1qEVwWwr8zbs391WhDRHOUcOcuSXrUes-0m7AiwBeNjhk9LSF3aAfV76uD413yF8o7Q9sa9P8cwY0m78BelJFS7ZgtlquTYOHnDPeY9E-bSeUN3Oaxp25lxr_wKCz__udUI9KllZVisCtFkngAiSO0YySyhDeDnN32BqaC5i2oJ52DRoFNAVGN4JQQwhRWgJdrh2xZncKdxtYIgZX2ugVTaWpxFjEpTEFIuMVwOAtI_UsgOIMagqwfOiLK287w5yrle2Gk1dqLnT1ixnlOLFvxfVzO7V0QfPnSDVfP0HKD3VyR1vWkH6iFSwIgo18vD-awHWqmK3G6-Q-dte_eil2wNkWdw1Ley_WSmQd7HIyEzX5AygRHSc6yaw7zp8c5FcigvzAOICfsRszsAyOikWZtZo8gIlpoYoElHz0Q4C8R2eGmPKtuGWYsQldD-pYqeVcp2i1tLYGFhSFJCF0g%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D617a5e0b-c030-4c27-98c7-3570ea4c92c8%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fgarenafreefair01.blogspot.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 5.1 kB URL HTTP/2 interstitial-07.com/?l=BsffwaFC63kXM5A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D125230900%26z%3D5396478%26b%3D14812988%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DFrXdOUD11BsN86fSQR8kEpI8GWpesO_4i0PIloHhkn1fdj3mtdOjolzl7kOSKDmRyd_Ji143DD4N9xVJAevCnQHnOh2ctMYxKikeLQWsp_lRss1zjUlzCQiMm9k9ToLam-Pjsx0UE0-WeCpQsowsPLEgN87xDBtjNWj28ijTduy5mcMxNTXL3j_dH7cJ5FEDrI9q1qEVwWwr8zbs391WhDRHOUcOcuSXrUes-0m7AiwBeNjhk9LSF3aAfV76uD413yF8o7Q9sa9P8cwY0m78BelJFS7ZgtlquTYOHnDPeY9E-bSeUN3Oaxp25lxr_wKCz__udUI9KllZVisCtFkngAiSO0YySyhDeDnN32BqaC5i2oJ52DRoFNAVGN4JQQwhRWgJdrh2xZncKdxtYIgZX2ugVTaWpxFjEpTEFIuMVwOAtI_UsgOIMagqwfOiLK287w5yrle2Gk1dqLnT1ixnlOLFvxfVzO7V0QfPnSDVfP0HKD3VyR1vWkH6iFSwIgo18vD-awHWqmK3G6-Q-dte_eil2wNkWdw1Ley_WSmQd7HIyEzX5AygRHSc6yaw7zp8c5FcigvzAOICfsRszsAyOikWZtZo8gIlpoYoElHz0Q4C8R2eGmPKtuGWYsQldD-pYqeVcp2i1tLYGFhSFJCF0g%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D617a5e0b-c030-4c27-98c7-3570ea4c92c8%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fgarenafreefair01.blogspot.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5213)
Hash 79b184276d6857b9360e19feabd3d484
6b0162161c82634285c6e8030e6cf692227e80e9
f94ee3135d28b56c0242c50c5d86f526c542b2815b246d8eb9e5a499a60946fb
GET /?l=BsffwaFC63kXM5A&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D125230900%26z%3D5396478%26b%3D14812988%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DFrXdOUD11BsN86fSQR8kEpI8GWpesO_4i0PIloHhkn1fdj3mtdOjolzl7kOSKDmRyd_Ji143DD4N9xVJAevCnQHnOh2ctMYxKikeLQWsp_lRss1zjUlzCQiMm9k9ToLam-Pjsx0UE0-WeCpQsowsPLEgN87xDBtjNWj28ijTduy5mcMxNTXL3j_dH7cJ5FEDrI9q1qEVwWwr8zbs391WhDRHOUcOcuSXrUes-0m7AiwBeNjhk9LSF3aAfV76uD413yF8o7Q9sa9P8cwY0m78BelJFS7ZgtlquTYOHnDPeY9E-bSeUN3Oaxp25lxr_wKCz__udUI9KllZVisCtFkngAiSO0YySyhDeDnN32BqaC5i2oJ52DRoFNAVGN4JQQwhRWgJdrh2xZncKdxtYIgZX2ugVTaWpxFjEpTEFIuMVwOAtI_UsgOIMagqwfOiLK287w5yrle2Gk1dqLnT1ixnlOLFvxfVzO7V0QfPnSDVfP0HKD3VyR1vWkH6iFSwIgo18vD-awHWqmK3G6-Q-dte_eil2wNkWdw1Ley_WSmQd7HIyEzX5AygRHSc6yaw7zp8c5FcigvzAOICfsRszsAyOikWZtZo8gIlpoYoElHz0Q4C8R2eGmPKtuGWYsQldD-pYqeVcp2i1tLYGFhSFJCF0g%3D%3D%26bag%3DrECJmtGDoFy5o1Vh6XUGUA%3D%3D%26ruid%3D617a5e0b-c030-4c27-98c7-3570ea4c92c8%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fgarenafreefair01.blogspot.com%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=rA7UWA3mFAigAgd7ywYOBul555T-juZpJJDlf6SEvLI; expires=Sun, 25-Sep-2022 06:37:41 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
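Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(The three digests above are the MD5, SHA-1 and SHA-256 of empty input, consistent with the 0 B body; they match any empty response and are not content indicators.)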
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0b99f5d0eb28ec1a93c15dd8ce7d6b68
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4583272&@f16&@g1&@h1&@i1&@j1664084260104&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D8%A7%D8%B1%D9%8A%D9%86%D8%A7%20%D9%81%D8%B1%D9%8A%20%D9%81%D8%A7%D9%8A%D8%B1%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-80231774&@b3:1664084260&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgarenafreefair01.blogspot.com%2F&@w
192.99.0.58 200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4583272&@f16&@g1&@h1&@i1&@j1664084260104&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D8%A7%D8%B1%D9%8A%D9%86%D8%A7%20%D9%81%D8%B1%D9%8A%20%D9%81%D8%A7%D9%8A%D8%B1%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-80231774&@b3:1664084260&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgarenafreefair01.blogspot.com%2F&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 77bfc319b373ec7e72d3ff6c0e91e0d1
f17c32c647f34b33d979913dfbe6b4f4317be349
0c256090f290eb9cc9236e3c88b99ff6ed1c9c362c10c0326477e6f01ed970c6
GET /stats/0.php?4583272&@f16&@g1&@h1&@i1&@j1664084260104&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D8%A7%D8%B1%D9%8A%D9%86%D8%A7%20%D9%81%D8%B1%D9%8A%20%D9%81%D8%A7%D9%8A%D8%B1%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-80231774&@b3:1664084260&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgarenafreefair01.blogspot.com%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 05:37:41 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
pseepsie.com/custom
139.45.197.250 200 OK 26 kB IP 139.45.197.250:0
Hash 8f05825157942923d015f5c5ca78db4c
b348c10c0c524e015ec7513fa66e0b4cb8563883
edfaaf5c121b8ecb3187a51a7900aabaf6e8c5068f3dbf473ea2db62595a63a2
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Content-Type: application/json
Origin: https://garenafreefair01.blogspot.com
Content-Length: 769
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:42 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 3619797f4d37704653c90477fda4f5cd
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Content-Type: application/json
Origin: https://garenafreefair01.blogspot.com
Content-Length: 403
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:42 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5bb533035447fa49c49e6356643bd9b9
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=c6e1703dd72c4de2bd34c3936736a0e2&zoneId=5396479&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=c6e1703dd72c4de2bd34c3936736a0e2&zoneId=5396479&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 96eb384e6f9c1b412ea81aa62c976a32
bcb5809caf0ca75323df1bed95865152a1d1c2d2
7bc9db620e9299531f8ae01dad3d955069d1ae75a04e52c85c5b83173db530e0
GET /gid.js?pub=0&userId=c6e1703dd72c4de2bd34c3936736a0e2&zoneId=5396479&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Cookie: ID=e2de0be02b7f4290aa1806643cd9ee8d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e2de0be02b7f4290aa1806643cd9ee8d; expires=Mon, 25 Sep 2023 05:37:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
raviral.com/host_style/style/css/font-awesome.min.css
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/css/font-awesome.min.css
IP 104.21.42.111:0
GET /host_style/style/css/font-awesome.min.css HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qu5pftPL2aYgLn%2B0mF8cRMeHRhgGfwKjw7Qs7TRRVVFaeLEymI%2BdF5Ny%2FQG1o9lb9uTTeInvm7aheimQxIWO%2B%2BsVkiC7hN02S%2Bz6h9VeQtanC8IiBHr0eL8HYvtg9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a658ff1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dozubatan.com/500/5396477?excludes=&oaid=e2de0be02b7f4290aa1806643cd9ee8d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/5396477?excludes=&oaid=e2de0be02b7f4290aa1806643cd9ee8d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5396477?excludes=&oaid=e2de0be02b7f4290aa1806643cd9ee8d&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Cookie: OAID=bbf26d29f384469ea03b65b8cd96405d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:41 GMT
content-type: application/javascript
x-trace-id: a14d5f5a5736e152361adf55a01407e8
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=e2de0be02b7f4290aa1806643cd9ee8d; expires=Mon, 25 Sep 2023 05:37:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/sweetalert2.min.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/sweetalert2.min.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/sweetalert2.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRAS3O%2Br2GY7QVHuI%2B6gSX83mfbRIMJqRb01lVB1JRSjR%2BMXU%2BXTc3BAeNSgHoT7xewYa5gmtUnc5PECpvPgmzmTFWcirUFOqOFfS2VyMQKzgimJtnzS1I7jfVZrJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659061bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dozubatan.com/400/5396477
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/400/5396477
IP 139.45.197.237:0
GET /400/5396477 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
x-trace-id: 0d34d545994d78a3018b6af2ee1c5e5e
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=bbf26d29f384469ea03b65b8cd96405d; expires=Mon, 25 Sep 2023 05:37:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
raviral.com/host_style/style/css/style.css
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/css/style.css
IP 104.21.42.111:0
GET /host_style/style/css/style.css HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=50715
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0G%2FhUmhHTqSdxxBU%2FWtptVGCTTCH6pQtkGy6VWrd3wXYG0PnRgL6C80YlOejmwDqHGlLcQFmfcUjxAuQajUFSwEEuM4eHHgpoIeK5qDTxraY4KpZQzPCO0O8tvMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659001bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/jquery.magnific-popup.min.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/jquery.magnific-popup.min.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/jquery.magnific-popup.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kBSmlVBR3eRMV4RFxQfBqxCiMUmS9eKwi5xx5vWvfs6jqPhwDgCblffw%2B%2BylEF8pezpXv5RIZaNyfLjjXCxbnF%2F8kCMuV3GDzh3OdeR6T460DeVNK8fWjCp09mTcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6590b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/jquery-ui.min.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/jquery-ui.min.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/jquery-ui.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:36 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Firzsx5u5pqLF9MWb706FcwIV0SJaOMEkDm3zmROGmW%2FgshvdRV8syEDYbNdC4rcfqglah7Em8u9lOeB%2BGrAni4S0VKt6H04KPyQIaQhahPOMhBlEwoTNr6LE6%2F23Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659021bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/css/magnific-popup.css
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/css/magnific-popup.css
IP 104.21.42.111:0
GET /host_style/style/css/magnific-popup.css HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:39 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=8328
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYcZyhaN6JEKj1%2FQXkXdAiGIZF0ectsaXtu2R3m1P98S4A0h82vPvnVIKdH%2FDzkGwvGxAJjCMC5Jpr%2FDVHOUgq1rkijJGwCaB%2F%2BB67xvqZoZPoZQE5auxDpCLXHjSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6791b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/css/bootstrap.min.css
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/css/bootstrap.min.css
IP 104.21.42.111:0
GET /host_style/style/css/bootstrap.min.css HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:39 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gsc%2FIuDpOuoNu2%2FVfmO1Xj9R6GHpbXZ0K9lQq0Z6uIn4Xg8RsEoB%2B7qJnZ8mA1NcLc1PcgfURwKL7pntxFbnBqsHQwubik5wmAQzPgfDjs6ntsl4KwX1w8P4NjwOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a679171bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/jquery.countTo.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/jquery.countTo.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/jquery.countTo.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:39 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3891
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JHxdgL1TyDZwiBtFc5aGCPFzhR0vHEMnBGNmv98z8yZTkOZ8NiiyRTqNP%2FSErnviByDWOKZe6B82afPHzbz71ZagDwNgWqjgxu5hwecM2xSF%2Bj%2B%2Bg8qBECUGR0DnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659041bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/typed.min.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/typed.min.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/typed.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xitHKAJT%2Buv2v2LPp%2BSflMk8C42dDctwMqYqLPB3QPyU0GWt2BDyZJIYEMYwF1T5vaZIbbbvFXlLQRexQwZ%2FMT%2F5H2q3SXSpKUeIkVWtxCWzPiHEAlNRWnkZhJ0nlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659091bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=KQj_9e2SOkF-1uzps67wvCl0qzTccqpux_awjHJCz2sh1hPm3mNHWPUYfaRWyrDNWRd-yfGWv5rqTTADsjyCMe99HhZ8iLvDtcJp7aAaFXVcyrA7VNUihwNnucO-9_Bwacwrh2WFKBS8CbBdcIwjvSmEsgvOKpeA5Mod7QLN7PQHDbG-Mxm_Ut-FgFwboHnzPq97XwSPi_iB3lwr5--QpJTUUQw8s6iDqJis15DiYIDK6dYI&request_ab2=0&zoneid=5396480&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3f5fb3ab-3626-4713-a7c0-3bba2783dc4a&userId=e2de0be02b7f4290aa1806643cd9ee8d&m=link
139.45.197.243 200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=KQj_9e2SOkF-1uzps67wvCl0qzTccqpux_awjHJCz2sh1hPm3mNHWPUYfaRWyrDNWRd-yfGWv5rqTTADsjyCMe99HhZ8iLvDtcJp7aAaFXVcyrA7VNUihwNnucO-9_Bwacwrh2WFKBS8CbBdcIwjvSmEsgvOKpeA5Mod7QLN7PQHDbG-Mxm_Ut-FgFwboHnzPq97XwSPi_iB3lwr5--QpJTUUQw8s6iDqJis15DiYIDK6dYI&request_ab2=0&zoneid=5396480&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3f5fb3ab-3626-4713-a7c0-3bba2783dc4a&userId=e2de0be02b7f4290aa1806643cd9ee8d&m=link
IP 139.45.197.243:0
GET /?rb=KQj_9e2SOkF-1uzps67wvCl0qzTccqpux_awjHJCz2sh1hPm3mNHWPUYfaRWyrDNWRd-yfGWv5rqTTADsjyCMe99HhZ8iLvDtcJp7aAaFXVcyrA7VNUihwNnucO-9_Bwacwrh2WFKBS8CbBdcIwjvSmEsgvOKpeA5Mod7QLN7PQHDbG-Mxm_Ut-FgFwboHnzPq97XwSPi_iB3lwr5--QpJTUUQw8s6iDqJis15DiYIDK6dYI&request_ab2=0&zoneid=5396480&js_build=iclick-v1.430.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fgarenafreefair01.blogspot.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.430.0&bs=3f5fb3ab-3626-4713-a7c0-3bba2783dc4a&userId=e2de0be02b7f4290aa1806643cd9ee8d&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://garenafreefair01.blogspot.com/
Origin: https://garenafreefair01.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/json
x-trace-id: 77bf5d73477b31c48a42618a4e53a81a
access-control-allow-origin: https://garenafreefair01.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=e2de0be02b7f4290aa1806643cd9ee8d; expires=Mon, 25 Sep 2023 05:37:40 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1664084260; expires=Mon, 25 Sep 2023 05:37:40 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Sun, 02 Oct 2022 05:37:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/form-scripts.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/form-scripts.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/form-scripts.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1521
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63LJYOC4dbTNUfbT5mZ6EGmwRBwp5TDwnScT%2FyiWgTsT9m%2FFdnKuFaIA8yW7D%2FN8wIS2TyhFHeZy1eip8i5nPgSFMaaVryucHJ2RdpqCVOMXFlQOclZuxZQdhi78LA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6590a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/sticky.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/sticky.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/sticky.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=21160
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhKMqhQlPWfhTv02mKG1MMOFtVhVhKbK2Aj6n6cI3qtXo8vSSaUeZMN5f%2FO1sVCtyfQ7L5X55Ds%2BcMm7bc%2Bogk4CaIGkTHXJfYmkAs7Prm2x6iMDQXFbxImgTlIdBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6690c1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
104.21.91.63 200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 7b3ff4d9f1c333a3e335c29f61402f19
cache-control: max-age=86400
last-modified: Fri, 23 Sep 2022 16:05:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 26 Sep 2022 03:45:13 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 6747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wug38RKkmaKJ8tn3r5PH1joJ9VLr%2F7CYyHHLjugfLr%2B6vCPB8xxOrDaTsoJ%2BEEx3v5t12TeHdTZjJuG48312wILM8DxKuczAQguiT5%2FNMG9T%2B4ghHQ5FRjumbCfiRgR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 750168c2381eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/tag.min.js?z=5396479
139.45.197.250 200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/tag.min.js?z=5396479
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=5396479 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/main.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/main.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/main.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=44100
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUr%2BvVdfTQ49kVBlacemkI6MS0QTymYfKQwzkgmJY05onE7sMPyLyYiq04OqUv%2BUXEGf6uIIfRFz8%2BVrXWWwd%2FivKXIZMI%2FnwAtjjYiQYuci8Ju%2Bx63C8f3E369aYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6690d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js-track/track.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js-track/track.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js-track/track.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:37 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=622
last-modified: Thu, 22 Sep 2022 12:01:23 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC0MaU8j852%2Fn25SfYFL%2BCHjTJt4dVUjOZrj4vZAoFNWto4ycdpfR2cf%2FTi0blB9w7QYBRyUb3MKejQKku%2FRVnaVQqhcBfS5F59jCcMUZhgpOJHFgLjwj3sWtkhzpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6690e1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/css/animate.css
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/css/animate.css
IP 104.21.42.111:0
GET /host_style/style/css/animate.css HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=71976
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awhr672nLfZWP9jRy8L%2BDf69vwCEfXhDxRS%2B3iloPMZwQJz8alZ09PFPucVynb2R9w%2Fag6Zf6qwIznkJF70yc1qeyxlYl9iCOzbRcDdvX00CP95dRWu3Mp1r%2Fjgmmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a679191bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/css/sweetalert2.min.css
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/css/sweetalert2.min.css
IP 104.21.42.111:0
GET /host_style/style/css/sweetalert2.min.css HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3BlRcfqFuism1ZDGgg41o1l%2FCNP2WlN7%2Fj0owGehDNYfhNDtLRksl8158cfk0%2FV2DdqezpHjnKLsL46rNq8f6tHF0%2B6g1Dq%2BLn5jl5riw1%2B%2F9J9LVy1TOKc0FP1Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a6791a1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
raviral.com/host_style/style/js/jquery.min.js
104.21.42.111 200 OK 0 B URL HTTP/2 raviral.com/host_style/style/js/jquery.min.js
IP 104.21.42.111:0
Analyzer Verdict Alert fortinet Phishing
GET /host_style/style/js/jquery.min.js HTTP/1.1
Host: raviral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://garenafreefair01.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Sep 2022 05:37:40 GMT
content-type: application/javascript
last-modified: Tue, 03 Aug 2021 20:44:40 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJe29%2F0TOnWD7A6WUxsD1iiNjV24SAd%2FJEMCaIDF3JsQgciT4APZqnfl1uRPqInD%2BQf54TcgJdh4Iwh61hr8lnumvmRFBxxNl2Mj5F9TCQO8HVdyr6wNG%2FL3NN4Skg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750168a659011bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2