ocsp.pki.goog/gts1c3
471 B IP
Hash d01fcdf9d07d46c2f636f5d4761b4216
b0b5d955d4da1ad20192a71164d982626c4e723a
77273f261fedd69a83c6bd35f063e592e1aba013c76665a376d2e82a4793e052
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
200 OK 50 kB URL User Request GET HTTP/2 uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1163)
Hash 85d5b4ef1678fd0b993c4e40a378938d
fd9e636a17eb6541e6eee69e1cd6c5b624e1c277
645c862b823eac283637733cf9e8d17d6ba2ff30c15120abf813bd029735ef27
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1 HTTP/1.1
Host: uae14.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 19:41:11 GMT
date: Sat, 23 Sep 2023 19:41:11 GMT
cache-control: private, max-age=0
last-modified: Sat, 23 Sep 2023 09:02:45 GMT
etag: W/"4f751c3f21841bc01a0f3673720c3ee4cb56251741606c8956c79cfdb5533833"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 49735
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 17d4dac18fa2e921b6142e9a6e7638e9
3e4d5337720590d6a2b8941baf90fa8dfd9d752b
f367bf987bcfb690ef53baf4cca8970b83fe522c820de2babb8cb3c943fa84c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 8fe5097b12ddbaa7731f5c6d445db349
b1d9718a7e3ead4ad6c08b3c888129ddf9ba52af
3133a3d91f11eeb170b6a3149b7cceb04228b72a222187bcc374f1fbbdbf4bd3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 15:15:19 GMT
expires: Thu, 19 Sep 2024 15:15:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 275153
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 8fe5097b12ddbaa7731f5c6d445db349
b1d9718a7e3ead4ad6c08b3c888129ddf9ba52af
3133a3d91f11eeb170b6a3149b7cceb04228b72a222187bcc374f1fbbdbf4bd3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash aeafca61929af48f5ce5cc58fdaaed3c
f9c7530a7c334f9199f83a568fea5392ad41c8b9
a9b7cb4305b51e6964e793e0d5fb329c39c5cb8a1f7dafcc25b0074687abe954
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash 7e73f4088a92ed6bbffa3233d9c5d5eb
2a904604e529cafdd76aefbbfbb3388fe4c0cdea
a6cfb249d4a550a85e40b06b47941f71c6268815534d0ed87da8aca2bd442263
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 19:41:12 GMT
expires: Sat, 23 Sep 2023 19:41:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14422747198254681653
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3967)
Hash 4378651bfc382864d6bbb90e46887644
182d1adbfda2a455f6c918cbac3e6f6cb99aa513
7ebdf09ff7cf2ffbf273b9609a170a9ae14fbe4cede1484e52f9a18ebdc2731f
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 19:41:12 GMT
expires: Sat, 23 Sep 2023 19:41:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17766491232474648421
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51011
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash aeafca61929af48f5ce5cc58fdaaed3c
f9c7530a7c334f9199f83a568fea5392ad41c8b9
a9b7cb4305b51e6964e793e0d5fb329c39c5cb8a1f7dafcc25b0074687abe954
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6003985964137049&plah=uae14.blogspot.com
200 OK 132 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6003985964137049&plah=uae14.blogspot.com
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (2079)
Size 132 kB (131562 bytes)
Hash 8bf6f4612a04606da7eb10ae13adc7ab
d1851ed727649d7e1bfbe9078038e6a7dbff629a
c4c0d8a21734b0a62954603105c6fbac31499d1415e79b70d0f362d5469b4394
GET /pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6003985964137049&plah=uae14.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 19:41:12 GMT
expires: Sat, 23 Sep 2023 19:41:12 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 12392534538692747843
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 131562
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQQoqrCSJZNLemmclheeW1woqlQa84pkRB5JuZvc7QWFiNx9eIn3ay955luU4Zq4Tt3UzWVBLkeJrPW06bGosEkO7eVg4dmVcO6PEYaM-bgJsPTHG59paBSb15osh2RPksUctxNYpjWMGEWq2RGqW6JcbjCzfZVtStOmis8PbTVCiqCvr6qyntbRY7_rc/w400-h143/0.png
200 OK 38 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQQoqrCSJZNLemmclheeW1woqlQa84pkRB5JuZvc7QWFiNx9eIn3ay955luU4Zq4Tt3UzWVBLkeJrPW06bGosEkO7eVg4dmVcO6PEYaM-bgJsPTHG59paBSb15osh2RPksUctxNYpjWMGEWq2RGqW6JcbjCzfZVtStOmis8PbTVCiqCvr6qyntbRY7_rc/w400-h143/0.png
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 400 x 142, 8-bit/color RGB, non-interlaced\012- data
Hash a1dc17d8f5c3790ee065619ff072e6bb
81c7cefd8ed000f03fb74ecd3e91ddf6bfabebb8
e544287948bf44aaadea4fa4131d682b30d8dcb6c26c597444a1da8e9b9fa943
GET /img/b/R29vZ2xl/AVvXsEgQQoqrCSJZNLemmclheeW1woqlQa84pkRB5JuZvc7QWFiNx9eIn3ay955luU4Zq4Tt3UzWVBLkeJrPW06bGosEkO7eVg4dmVcO6PEYaM-bgJsPTHG59paBSb15osh2RPksUctxNYpjWMGEWq2RGqW6JcbjCzfZVtStOmis8PbTVCiqCvr6qyntbRY7_rc/w400-h143/0.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v3480b"
expires: Sun, 24 Sep 2023 19:41:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:12 GMT
server: fife
content-length: 37675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU_O9G6vyGRke2O50mba0UzuwpzhRQMh0WoZHLNdJ-quUT_WqnEz3aYrtudSEiwYqDMK2Pqq08G6QmwpMe0spqXxIWbX2FCda4Cbleb8W2RZpqSDme3qwQPYSZjxI_MoZ6QoOZNSwWNEeqTp9C8rl4Tfk8bPxF85aUaMW9_tRXHEtsQR0-XboCwSSIAq4/w400-h234/1.png
200 OK 35 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU_O9G6vyGRke2O50mba0UzuwpzhRQMh0WoZHLNdJ-quUT_WqnEz3aYrtudSEiwYqDMK2Pqq08G6QmwpMe0spqXxIWbX2FCda4Cbleb8W2RZpqSDme3qwQPYSZjxI_MoZ6QoOZNSwWNEeqTp9C8rl4Tfk8bPxF85aUaMW9_tRXHEtsQR0-XboCwSSIAq4/w400-h234/1.png
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 400 x 234, 8-bit/color RGB, non-interlaced\012- data
Hash 476bd848197261c61b33eccd3c2ca30a
bd3844da811b02ed1304b5cdcdd6946296a21f60
79d4b77f87842f77bb357710c07c76c5cfb09e28650864fd9df75f5a39008deb
GET /img/b/R29vZ2xl/AVvXsEhU_O9G6vyGRke2O50mba0UzuwpzhRQMh0WoZHLNdJ-quUT_WqnEz3aYrtudSEiwYqDMK2Pqq08G6QmwpMe0spqXxIWbX2FCda4Cbleb8W2RZpqSDme3qwQPYSZjxI_MoZ6QoOZNSwWNEeqTp9C8rl4Tfk8bPxF85aUaMW9_tRXHEtsQR0-XboCwSSIAq4/w400-h234/1.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v3480c"
expires: Sun, 24 Sep 2023 19:41:12 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:12 GMT
server: fife
content-length: 34965
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uae14.blogspot.com/feeds/posts/default/-/%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA?alt=json-in-script&redirect=false&start-index=1&max-results=6&callback=pllrst
200 OK 6.2 kB URL GET HTTP/3 uae14.blogspot.com/feeds/posts/default/-/%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA?alt=json-in-script&redirect=false&start-index=1&max-results=6&callback=pllrst
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type Unicode text, UTF-8 text, with very long lines (40805)
Hash 00850ff2d1eb199103a3db9393280f26
9d410082703f87a286f8c2e4cdf374a76e1870f9
b6b1d3e8447ed67aa3fc2f2eb3190abbaf6211413ae1bc15acc62f484e4e2648
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /feeds/posts/default/-/%D9%88%D8%B8%D8%A7%D8%A6%D9%81%20%D8%A7%D9%84%D8%A5%D9%85%D8%A7%D8%B1%D8%A7%D8%AA?alt=json-in-script&redirect=false&start-index=1&max-results=6&callback=pllrst HTTP/1.1
Host: uae14.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"8b71297f8e4d90f555d268fdde5f3bf4475308e5a2da8568cba748a12cc8fd6a"
date: Sat, 23 Sep 2023 19:41:12 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 23 Sep 2023 19:41:13 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 09:02:45 GMT
content-encoding: gzip
content-length: 6171
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 04c3317215dbb6290c22b51fb76ba3fd
4f6dd945ef1d6d3ff6863608e7f26b1ba0b00134
47ca7e2430599f81f776f12dfad83f9a89ac22c636adfdfbb7b001e3b9167c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=7627298350674401119&zx=9baa99cf-c9e3-4971-b2b3-c5c1a0ab0dbe
200 OK 21 B URL GET HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7627298350674401119&zx=9baa99cf-c9e3-4971-b2b3-c5c1a0ab0dbe
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=7627298350674401119&zx=9baa99cf-c9e3-4971-b2b3-c5c1a0ab0dbe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 19:41:12 GMT
last-modified: Sat, 23 Sep 2023 19:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
uae14.blogspot.com/2023/09/blog-post_94.html
200 OK 49 kB URL GET HTTP/3 uae14.blogspot.com/2023/09/blog-post_94.html
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1163)
Hash ff011984adede8e380ac965e949c66e9
1d511814ce6954bc11d081ee82f50a3cd6f4249d
9782202efc122018de19d3baa043b28620720b00c0f40702e33e5ea68a99634a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2023/09/blog-post_94.html HTTP/1.1
Host: uae14.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 19:41:12 GMT
date: Sat, 23 Sep 2023 19:41:12 GMT
cache-control: private, max-age=0
last-modified: Sat, 23 Sep 2023 09:02:45 GMT
etag: W/"4f751c3f21841bc01a0f3673720c3ee4cb56251741606c8956c79cfdb5533833"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 49214
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 5deab2863cc64ff54664df9e40738c24
7e731c4f0a6c9cbc80490586ddb39a82dcfbb5ae
fc49292164496bd63fb16adb3f5b6fc10d0c5f397c19007a858848257ea4a302
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8bd82cc167dcfca92222c771cc727ea4
5412299d9da7fc26af5eb6ab0bb0adcbed11fe19
eaf1c14f5129b21a7ac323e2cb8a7d73b5258af575b971b7f8a507fd7f98577a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash f4dd7641512af72ab10b8e475045b396
40a64ecd08805d6d808e7f4609d8a5980310dbf3
b47cb4e4062d2e6e30f9d1a5a99b00e143b7e9e4fa5318ee82f55009d68002a7
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 19:41:12 GMT
expires: Sat, 23 Sep 2023 19:41:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 116976959870111292
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
partner.googleadservices.com/gampad/cookie.js?domain=uae14.blogspot.com&callback=_gfp_s_&client=ca-pub-6003985964137049
200 OK 250 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=uae14.blogspot.com&callback=_gfp_s_&client=ca-pub-6003985964137049
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
FingerprintEB:BF:81:86:29:44:29:54:16:A0:12:6C:6C:7F:D1:8D:ED:9E:97:1A
ValidityMon, 04 Sep 2023 08:21:47 GMT - Mon, 27 Nov 2023 08:21:46 GMT
File type ASCII text, with very long lines (391), with no line terminators
Hash cc71548153010f9d7c06cd4bac00e933
cfb22300ddaa7250ddc01048546485a9e9599ef9
6483b3579357fa8a13d94bc3757c6c9699abaec975c033384b741d9fcd8576ed
GET /gampad/cookie.js?domain=uae14.blogspot.com&callback=_gfp_s_&client=ca-pub-6003985964137049 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 23 Sep 2023 19:41:12 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash 71ed84e2b64d9f363455994dfaf16376
4f65c7c7c888e021b48878f1d47f412855290d6d
a7f8170ea9516abf30247c493ad31da7f283e321562fd00e467e25ad7b267b4a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 19:41:12 GMT
expires: Sat, 23 Sep 2023 19:41:12 GMT
cache-control: private, max-age=3600, stale-while-revalidate=86400
content-type: text/javascript; charset=UTF-8
etag: 14222912822727381947
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50935
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
472 B IP
Hash d5e402e3131f78cf91f4e949805f84b0
916218d5ed57b959e8c975cce1772b99b89f51bb
8a7d154e062586e5af0d0ce8ced6aaeaae10e8d3be3656def732fa12976f6ffb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 51 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (3920)
Hash b96390efe168433b427b2df068f05151
9ccad87d426ba162a2bbf66d682f6d74bb34d9c5
93b044de801be366b197d12758b75b1e0735b60f89ad6a6817ba90c664ad7e0e
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Sep 2023 19:41:13 GMT
expires: Sat, 23 Sep 2023 19:41:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11138089094220752881
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uae14.blogspot.com/2023/09/blog-post_18.html
200 OK 49 kB URL GET HTTP/3 uae14.blogspot.com/2023/09/blog-post_18.html
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1163)
Hash bd2a2cb210c93fc409a8fc9ec9be4708
8d5f2a78427a3c9adccf049bfad7931690158273
42ca247a40bd034656338d12f976b1f6f75c185de45aa0c2d43e1d5514fa285d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2023/09/blog-post_18.html HTTP/1.1
Host: uae14.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 23 Sep 2023 19:41:13 GMT
date: Sat, 23 Sep 2023 19:41:13 GMT
cache-control: private, max-age=0
last-modified: Sat, 23 Sep 2023 09:02:45 GMT
etag: W/"4f751c3f21841bc01a0f3673720c3ee4cb56251741606c8956c79cfdb5533833"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 49416
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
200 OK 12 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type JSON data\012- , ASCII text, with very long lines (15857), with no line terminators
Hash 922388e0b2bdb2265b99e82c17c7dcc8
73c17aa2dd904c8dfa8cc22bb88edd174a3f983c
badb4f1e777a704677768ccc06d47d2c60dfc177d0f564899ef11962a351cd76
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uae14.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 23 Sep 2023 19:41:13 GMT
server: cafe
content-length: 11961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
472 B IP
Hash 5f51b90d588da5830fe2f42925d6bced
27e4e2138921def351cd58994edaf1bbeb26b60a
448968bd0ef2587926e2ffc64e36cbfa8590fa30880e143dabfba31ea5f98199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
Fingerprint51:2A:C5:84:C9:49:F8:BA:3F:D9:82:0E:BA:01:C7:D5:36:C2:BA:64
ValidityMon, 04 Sep 2023 08:22:41 GMT - Mon, 27 Nov 2023 08:22:40 GMT
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 23 Sep 2023 19:41:13 GMT
expires: Sat, 23 Sep 2023 19:41:13 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash 1d3d22df067f5219073f9c0fabb74fdd
d5c226022639323d93946df3571404116041e588
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 10:32:29 GMT
expires: Sun, 22 Sep 2024 10:32:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 32924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash c17d1900febb134482f5f3fdc9fd4b69
18d8f12fa6991f23477832a6c6a356fadd6e8508
19d15be13fbb8add8926f12e5c810a16851ee487bb211efa193d1ea199ecf0ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 19:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
15 kB URL pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
File type ASCII text, with very long lines (37385)
Hash a325f5c00749f9340329610f4d80371b
41126a232c6859b49eab99a0a269fcb56a3f01ef
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
GET /bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 10:32:34 GMT
expires: Sun, 22 Sep 2024 10:32:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 32919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMOV_ANVjyl6Ccrt9KLVyp8cDpxu_nmzGHE9hc9FyGs0t2bLDfI70I9QL6__xhlfE9vzhe6ryRpmPTHZKgoIBgDkyLP2H4j2yPhVReSOEdpB1d1wHzLDRWkV22S2d6fWECutNfRQ7vpgGBEgAkVzixnvPaJGSnBaINO0Uax3MIcyX-pvn7uPi6QNIkBwA/w400-h209/0.png
200 OK 52 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMOV_ANVjyl6Ccrt9KLVyp8cDpxu_nmzGHE9hc9FyGs0t2bLDfI70I9QL6__xhlfE9vzhe6ryRpmPTHZKgoIBgDkyLP2H4j2yPhVReSOEdpB1d1wHzLDRWkV22S2d6fWECutNfRQ7vpgGBEgAkVzixnvPaJGSnBaINO0Uax3MIcyX-pvn7uPi6QNIkBwA/w400-h209/0.png
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 400 x 209, 8-bit/color RGB, non-interlaced\012- data
Hash 0f304bfe10e5714add874939efe35469
b75b05d51ea70dd0e9beece02de60529293357be
0bbdb9c48430955e1f94b78fffc81e5bc77a8f1f962d479c8e9b4c13bd8d3197
GET /img/b/R29vZ2xl/AVvXsEgMOV_ANVjyl6Ccrt9KLVyp8cDpxu_nmzGHE9hc9FyGs0t2bLDfI70I9QL6__xhlfE9vzhe6ryRpmPTHZKgoIBgDkyLP2H4j2yPhVReSOEdpB1d1wHzLDRWkV22S2d6fWECutNfRQ7vpgGBEgAkVzixnvPaJGSnBaINO0Uax3MIcyX-pvn7uPi6QNIkBwA/w400-h209/0.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v34807"
expires: Sun, 24 Sep 2023 19:41:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: fife
content-length: 51710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQcTlB_IpaFceqZBpraFbiz87sF6HPd10YMs_JPwA_Re6fG208i6JV64nisENwi9v6Q7gStvS_gPHoaVgXC6gq3J4n3v3T5Mhuq7W-Xoz2_b2kQosTGHuf-OCPsPmVREg_wHJut7hvOUBlcXvNmybCD7I6CTt4CFkv9OTwZjv5zLf6wcWPbvc6V0C8wyw/w400-h143/0.jpg
200 OK 23 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQcTlB_IpaFceqZBpraFbiz87sF6HPd10YMs_JPwA_Re6fG208i6JV64nisENwi9v6Q7gStvS_gPHoaVgXC6gq3J4n3v3T5Mhuq7W-Xoz2_b2kQosTGHuf-OCPsPmVREg_wHJut7hvOUBlcXvNmybCD7I6CTt4CFkv9OTwZjv5zLf6wcWPbvc6V0C8wyw/w400-h143/0.jpg
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x142, components 3\012- data
Hash 3b8a82cd51bd2243846412cc329ae3ea
301605a7c4bfc5a679fec6c1f13eed5dc7b20734
3c1f2dc0da1d5fe4f6143fa6051d09a195c997f3d87d245b2d3f9bbd39f0f576
GET /img/b/R29vZ2xl/AVvXsEjQcTlB_IpaFceqZBpraFbiz87sF6HPd10YMs_JPwA_Re6fG208i6JV64nisENwi9v6Q7gStvS_gPHoaVgXC6gq3J4n3v3T5Mhuq7W-Xoz2_b2kQosTGHuf-OCPsPmVREg_wHJut7hvOUBlcXvNmybCD7I6CTt4CFkv9OTwZjv5zLf6wcWPbvc6V0C8wyw/w400-h143/0.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v347fd"
expires: Sun, 24 Sep 2023 19:41:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: fife
content-length: 22828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixvf52PfUaBcRdFCSyjHEWdkUupIz5kozu53l2KGgd2k2Be5ajyXSCUbrEabdusj2TJZ0qL6OOqqVUeR6bcbuEeWlbf8489368iQi7tJFFJrNCgveP06mvzknRqViSzdAqkKm2BbtKmqJzT534XCbRvIHenjvn96EUTDjrLWErAz6-g06R5xNOZK7ngSk/w400-h154/0.png
200 OK 48 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixvf52PfUaBcRdFCSyjHEWdkUupIz5kozu53l2KGgd2k2Be5ajyXSCUbrEabdusj2TJZ0qL6OOqqVUeR6bcbuEeWlbf8489368iQi7tJFFJrNCgveP06mvzknRqViSzdAqkKm2BbtKmqJzT534XCbRvIHenjvn96EUTDjrLWErAz6-g06R5xNOZK7ngSk/w400-h154/0.png
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 400 x 154, 8-bit/color RGB, non-interlaced\012- data
Hash 7101cdcf99932891642d0b02771bac0a
98b70bed8977ddb29281b0fd3885af84e1ba13d1
da1700c5fce36ec604cab530ef8494edb3132d1c90ff2bb59061a2d33dd1ceb1
GET /img/b/R29vZ2xl/AVvXsEixvf52PfUaBcRdFCSyjHEWdkUupIz5kozu53l2KGgd2k2Be5ajyXSCUbrEabdusj2TJZ0qL6OOqqVUeR6bcbuEeWlbf8489368iQi7tJFFJrNCgveP06mvzknRqViSzdAqkKm2BbtKmqJzT534XCbRvIHenjvn96EUTDjrLWErAz6-g06R5xNOZK7ngSk/w400-h154/0.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v3480e"
expires: Sun, 24 Sep 2023 19:41:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: fife
content-length: 48363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbYAGqbUUguGJnS2ViQ9dDRHH6r2pJD6iXc8085_TYbHxcxLEB7rt3Npd4XpCoK8nn4nfDaeBLjQtN-JZ176p5md9ROVlUd0VWmiaxZL5EwvCPdGEH4vPBQnAi5oR_pWfJNHqHcqV4RnhjCYOS5ts_pjvP1Yo63hFlIOhnz5IZYlBaHfGRkbtTKxgqE7o/w400-h158/0.jpg
200 OK 26 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbYAGqbUUguGJnS2ViQ9dDRHH6r2pJD6iXc8085_TYbHxcxLEB7rt3Npd4XpCoK8nn4nfDaeBLjQtN-JZ176p5md9ROVlUd0VWmiaxZL5EwvCPdGEH4vPBQnAi5oR_pWfJNHqHcqV4RnhjCYOS5ts_pjvP1Yo63hFlIOhnz5IZYlBaHfGRkbtTKxgqE7o/w400-h158/0.jpg
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x158, components 3\012- data
Hash e289eaa452cde1bbc5a19a6f0f76b4dd
5d43e96c6edb13974613e5c1084be4ca1d1ff909
81a96c2603a0b0b8f3955bb50de95f4e738ac0143238c99ffbdbb73941eeff34
GET /img/b/R29vZ2xl/AVvXsEgbYAGqbUUguGJnS2ViQ9dDRHH6r2pJD6iXc8085_TYbHxcxLEB7rt3Npd4XpCoK8nn4nfDaeBLjQtN-JZ176p5md9ROVlUd0VWmiaxZL5EwvCPdGEH4vPBQnAi5oR_pWfJNHqHcqV4RnhjCYOS5ts_pjvP1Yo63hFlIOhnz5IZYlBaHfGRkbtTKxgqE7o/w400-h158/0.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v347f6"
expires: Sun, 24 Sep 2023 19:41:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: fife
content-length: 25702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2240489385065175&rc=
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2240489385065175&rc=
IP
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2240489385065175&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha13OmIbMIdXuDT4DpMbMHmv71uu_YX25YU8zrGFl_WG6HfTvrVP0kvfZjpksAkftxDIy-7BCr7BZOgjPH9ywshVYpcg1tr7uATQeMwga1NM4Oeb8CEpRlcwOKLYiK2CXw5VwIchANMshLh36gbY4TriTCT7Fm2xbBblUzH4e2EWzfjKbIPGSPVYZkfno/w400-h145/0.jpg
200 OK 19 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha13OmIbMIdXuDT4DpMbMHmv71uu_YX25YU8zrGFl_WG6HfTvrVP0kvfZjpksAkftxDIy-7BCr7BZOgjPH9ywshVYpcg1tr7uATQeMwga1NM4Oeb8CEpRlcwOKLYiK2CXw5VwIchANMshLh36gbY4TriTCT7Fm2xbBblUzH4e2EWzfjKbIPGSPVYZkfno/w400-h145/0.jpg
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x145, components 3\012- data
Hash c57bd616779512b8200328d5c4b3be21
d43d0012526c792bc701aa1e90d602f9cd7573b7
ae3736fd51706b60c73c08e29fb5cbefb04182ed9a46075d737157b0292362fa
GET /img/b/R29vZ2xl/AVvXsEha13OmIbMIdXuDT4DpMbMHmv71uu_YX25YU8zrGFl_WG6HfTvrVP0kvfZjpksAkftxDIy-7BCr7BZOgjPH9ywshVYpcg1tr7uATQeMwga1NM4Oeb8CEpRlcwOKLYiK2CXw5VwIchANMshLh36gbY4TriTCT7Fm2xbBblUzH4e2EWzfjKbIPGSPVYZkfno/w400-h145/0.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v347d4"
expires: Sun, 24 Sep 2023 19:41:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: fife
content-length: 18716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglMPmSMDtLF6vnLBWxbXBvfaaUpl5hasLXE_2zkE_R6EpQ_XpyD30SBLxsrl4bv5egH28e_FlSv5yj9o4srMmfE-NoXgQv7NEDYgW8jKkrw_H93FGSsD79gvd1LkOm7vlvMZ9uPmW7jZ4zujeARkpUWO6ba6qMk8PFZHpy26QSLcFo4KJBnBaWQlfWIGM/w400-h154/1.png
200 OK 28 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglMPmSMDtLF6vnLBWxbXBvfaaUpl5hasLXE_2zkE_R6EpQ_XpyD30SBLxsrl4bv5egH28e_FlSv5yj9o4srMmfE-NoXgQv7NEDYgW8jKkrw_H93FGSsD79gvd1LkOm7vlvMZ9uPmW7jZ4zujeARkpUWO6ba6qMk8PFZHpy26QSLcFo4KJBnBaWQlfWIGM/w400-h154/1.png
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 400 x 153, 8-bit/color RGB, non-interlaced\012- data
Hash d35a74d41069889239fd1acd3080adf1
d5647e322b4cc0c5e1d433d19f077ab4c40663b7
7242bbd8d4fd71a7f86a416a31b33b370589d2c659354ed8891bbf9396594378
GET /img/b/R29vZ2xl/AVvXsEglMPmSMDtLF6vnLBWxbXBvfaaUpl5hasLXE_2zkE_R6EpQ_XpyD30SBLxsrl4bv5egH28e_FlSv5yj9o4srMmfE-NoXgQv7NEDYgW8jKkrw_H93FGSsD79gvd1LkOm7vlvMZ9uPmW7jZ4zujeARkpUWO6ba6qMk8PFZHpy26QSLcFo4KJBnBaWQlfWIGM/w400-h154/1.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v347d0"
expires: Sun, 24 Sep 2023 19:41:14 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:14 GMT
server: fife
content-length: 27885
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfjkAN8J1pPpeiydhxkfCJyv9qb3USJgAKsiK_5qJSB9XgSlzwoPOtMrbT1pyHK4dfNKjyu4TV8CPrF7rG8d3msu9Ir6OZ5g3-zBM4FAdD6yiemwCyeap8clxGbzifN5vX24K056sFsDkPJJoT79cAo17G90OsGXluiKygHhwXpngCi09l21d04hMkZZ4/w400-h150/0.jpg
200 OK 16 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfjkAN8J1pPpeiydhxkfCJyv9qb3USJgAKsiK_5qJSB9XgSlzwoPOtMrbT1pyHK4dfNKjyu4TV8CPrF7rG8d3msu9Ir6OZ5g3-zBM4FAdD6yiemwCyeap8clxGbzifN5vX24K056sFsDkPJJoT79cAo17G90OsGXluiKygHhwXpngCi09l21d04hMkZZ4/w400-h150/0.jpg
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 398x150, components 3\012- data
Hash 3ea633da2d4ec07b6a3dd94d098e19f9
82bab16c39d38755ac13cdd16bda35dcd8a527cd
2f029010d8a7b72cc16e7a2939ef851ec172f3e72bab8f3bcae2e3a90607f70e
GET /img/b/R29vZ2xl/AVvXsEjfjkAN8J1pPpeiydhxkfCJyv9qb3USJgAKsiK_5qJSB9XgSlzwoPOtMrbT1pyHK4dfNKjyu4TV8CPrF7rG8d3msu9Ir6OZ5g3-zBM4FAdD6yiemwCyeap8clxGbzifN5vX24K056sFsDkPJJoT79cAo17G90OsGXluiKygHhwXpngCi09l21d04hMkZZ4/w400-h150/0.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v347cc"
expires: Sun, 24 Sep 2023 19:41:14 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:14 GMT
server: fife
content-length: 16468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tpc.googlesyndication.com/generate_204?abnO0A
0 B URL tpc.googlesyndication.com/generate_204?abnO0A
IP
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
Fingerprint51:2A:C5:84:C9:49:F8:BA:3F:D9:82:0E:BA:01:C7:D5:36:C2:BA:64
ValidityMon, 04 Sep 2023 08:22:41 GMT - Mon, 27 Nov 2023 08:22:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?abnO0A HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sat, 23 Sep 2023 19:41:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiu0IeE7PwezNb6RE30-UXuA86e73g3HItyVDGAREUXhQ-iSUQSEU6ag6uTUlHaxqTx-tIllmzC1qoOGrQIob_KG0PmOXYUwk8ByrfTV6_M_Eh3-3GPenzrpoV7djRriio9TE5r82XgV1En6lX2Ym_GBMjtfsdAfLNFI9g4rfXe9Y5xCvIMNVgxBxI03VI/w400-h160/0.jpg
200 OK 17 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiu0IeE7PwezNb6RE30-UXuA86e73g3HItyVDGAREUXhQ-iSUQSEU6ag6uTUlHaxqTx-tIllmzC1qoOGrQIob_KG0PmOXYUwk8ByrfTV6_M_Eh3-3GPenzrpoV7djRriio9TE5r82XgV1En6lX2Ym_GBMjtfsdAfLNFI9g4rfXe9Y5xCvIMNVgxBxI03VI/w400-h160/0.jpg
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x160, components 3\012- data
Hash bc4b26f89532b5385c5d80eff4ca1b20
71ed37157ed8d0d61f2cd822033c3c681b5d9985
dffa39a9960542a5537331af850f6c56b090ef11b776a241126a7bd94fe3829c
GET /img/b/R29vZ2xl/AVvXsEiu0IeE7PwezNb6RE30-UXuA86e73g3HItyVDGAREUXhQ-iSUQSEU6ag6uTUlHaxqTx-tIllmzC1qoOGrQIob_KG0PmOXYUwk8ByrfTV6_M_Eh3-3GPenzrpoV7djRriio9TE5r82XgV1En6lX2Ym_GBMjtfsdAfLNFI9g4rfXe9Y5xCvIMNVgxBxI03VI/w400-h160/0.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v347bf"
expires: Sun, 24 Sep 2023 19:41:14 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0.jpg"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:14 GMT
server: fife
content-length: 17260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
uae14.blogspot.com/favicon.ico
200 OK 412 B URL GET HTTP/3 uae14.blogspot.com/favicon.ico
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: uae14.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 23 Sep 2023 19:41:14 GMT
date: Sat, 23 Sep 2023 19:41:14 GMT
cache-control: private, max-age=86400
last-modified: Sat, 23 Sep 2023 09:02:45 GMT
etag: W/"4f751c3f21841bc01a0f3673720c3ee4cb56251741606c8956c79cfdb5533833"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2240489385065175&bg=!FRalFlnNAAYrDsWMCw47ADQBe5WfOMbYrhrd2AEgicHHJEpjEvDKwl8fdjhMFIRF4aza9is5Eac7iX8VRPZ89ejh2v6sAgAAAW9SAAAAGGgBBwoBDwi29DbiYhhVd4HYaHLr6tx7LeBLx7OXIc8Gjc-U2BNA-WfLroPa6LRGWjBQTxMnZVm4L_KIv2KAayBIcdEOjcjAwb2J2k-319M4EIzF2j3wMJ4NvQ-75wmyR6IE3wltTGi8hdjEo4k_pLXYffTZQGIC6LRnW68c2lz1aNH2kXz2lzFhjZcN45QBoQSHVoqhjYAFca_IkZXkPP3ce2OOr_Ie-5s2wNyZI5rll81m7Ac9DFAdgeCJKAuDcZTqOdNEfTh8XBj1ZXT56gpkUfS6UtCjv5RWh_eBOpbuxUHFGMfm59YSTXCk8zSsfryGdTTZGVsII9ekkLpFTtOqD5sRMmy4npd1v08ZcEy4LrUV0E6ZAn0PAx7g7lewq-cwvazwq8GbQdoqvDWzk8eVmJrdiMThP6j2NVjBb5sxAAtYB9PkZriW9lehXvXE1mFXxM_vIt_E5BP4THsMHk9AHyc7SHB0docjiBlNPjWUI7kvX0QxwCYsoM6ttzsjB4o9L3rKb02D736Lll8vocytMhLGjGjN08gtKVrAlLZAzXH_Wl1AUPsX_ri2e8ujFD5tSYdnePVCqX2nSbNT1VDErhL1dcQlmvsxGn0EWl95RHnJzQccdLNf_80Ri5KFwbUVfY16nTZ5jiGpfdaFfy7MHSGBxaCw-9b-aw-045gUcY6H_EpueyVqTiQXshxsUyNyNPHZWceK5jAqERPx2E_V7PCz-iw-u_8Y2TSPhwVr_NFxc7qJkvYM_8RA0KsZJ6eyIzpx6rkR1MS62zsaOy810aOjqPlwvmSNRSvvb2vouEtpbI1N54YjTL0576LWy7Lb2_-GXFGuf5W_8d-ybiywRbzdefVBguQ_Axe8UByA0uIPhxUfL9MVhdAvX0D370u56bgJZiaqoiIgVY2qSwxjwpLpLf2V98zOkwJ5PlMf1zKi6FoG_SV61XJmh21XOldrSzM8Xyw88gBk1bYsOTwQvxS-5NI_1KWE0WIZ08bScPd1kSOPn0A25LuKXBWFg-Tal6cZzsR9zOpTn4d5zRz8tuVLlOQbBSIl9UmB1FNs0G31-BDPbrbC2CBdtFFVGlsrxg0i1xAD-fO5pipQFNqdG-LdkpU0cBz-0kNMUmOHvibVmKuyyz96n0IANY8zO1M7ZYpP2K2AdPsjb9o6cLZS9beRczmlTSB23sJdNQHL7OsE9OTyxjz94kFPT75AIyzXLX4k
204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2240489385065175&bg=!FRalFlnNAAYrDsWMCw47ADQBe5WfOMbYrhrd2AEgicHHJEpjEvDKwl8fdjhMFIRF4aza9is5Eac7iX8VRPZ89ejh2v6sAgAAAW9SAAAAGGgBBwoBDwi29DbiYhhVd4HYaHLr6tx7LeBLx7OXIc8Gjc-U2BNA-WfLroPa6LRGWjBQTxMnZVm4L_KIv2KAayBIcdEOjcjAwb2J2k-319M4EIzF2j3wMJ4NvQ-75wmyR6IE3wltTGi8hdjEo4k_pLXYffTZQGIC6LRnW68c2lz1aNH2kXz2lzFhjZcN45QBoQSHVoqhjYAFca_IkZXkPP3ce2OOr_Ie-5s2wNyZI5rll81m7Ac9DFAdgeCJKAuDcZTqOdNEfTh8XBj1ZXT56gpkUfS6UtCjv5RWh_eBOpbuxUHFGMfm59YSTXCk8zSsfryGdTTZGVsII9ekkLpFTtOqD5sRMmy4npd1v08ZcEy4LrUV0E6ZAn0PAx7g7lewq-cwvazwq8GbQdoqvDWzk8eVmJrdiMThP6j2NVjBb5sxAAtYB9PkZriW9lehXvXE1mFXxM_vIt_E5BP4THsMHk9AHyc7SHB0docjiBlNPjWUI7kvX0QxwCYsoM6ttzsjB4o9L3rKb02D736Lll8vocytMhLGjGjN08gtKVrAlLZAzXH_Wl1AUPsX_ri2e8ujFD5tSYdnePVCqX2nSbNT1VDErhL1dcQlmvsxGn0EWl95RHnJzQccdLNf_80Ri5KFwbUVfY16nTZ5jiGpfdaFfy7MHSGBxaCw-9b-aw-045gUcY6H_EpueyVqTiQXshxsUyNyNPHZWceK5jAqERPx2E_V7PCz-iw-u_8Y2TSPhwVr_NFxc7qJkvYM_8RA0KsZJ6eyIzpx6rkR1MS62zsaOy810aOjqPlwvmSNRSvvb2vouEtpbI1N54YjTL0576LWy7Lb2_-GXFGuf5W_8d-ybiywRbzdefVBguQ_Axe8UByA0uIPhxUfL9MVhdAvX0D370u56bgJZiaqoiIgVY2qSwxjwpLpLf2V98zOkwJ5PlMf1zKi6FoG_SV61XJmh21XOldrSzM8Xyw88gBk1bYsOTwQvxS-5NI_1KWE0WIZ08bScPd1kSOPn0A25LuKXBWFg-Tal6cZzsR9zOpTn4d5zRz8tuVLlOQbBSIl9UmB1FNs0G31-BDPbrbC2CBdtFFVGlsrxg0i1xAD-fO5pipQFNqdG-LdkpU0cBz-0kNMUmOHvibVmKuyyz96n0IANY8zO1M7ZYpP2K2AdPsjb9o6cLZS9beRczmlTSB23sJdNQHL7OsE9OTyxjz94kFPT75AIyzXLX4k
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
ValidityMon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=2240489385065175&bg=!FRalFlnNAAYrDsWMCw47ADQBe5WfOMbYrhrd2AEgicHHJEpjEvDKwl8fdjhMFIRF4aza9is5Eac7iX8VRPZ89ejh2v6sAgAAAW9SAAAAGGgBBwoBDwi29DbiYhhVd4HYaHLr6tx7LeBLx7OXIc8Gjc-U2BNA-WfLroPa6LRGWjBQTxMnZVm4L_KIv2KAayBIcdEOjcjAwb2J2k-319M4EIzF2j3wMJ4NvQ-75wmyR6IE3wltTGi8hdjEo4k_pLXYffTZQGIC6LRnW68c2lz1aNH2kXz2lzFhjZcN45QBoQSHVoqhjYAFca_IkZXkPP3ce2OOr_Ie-5s2wNyZI5rll81m7Ac9DFAdgeCJKAuDcZTqOdNEfTh8XBj1ZXT56gpkUfS6UtCjv5RWh_eBOpbuxUHFGMfm59YSTXCk8zSsfryGdTTZGVsII9ekkLpFTtOqD5sRMmy4npd1v08ZcEy4LrUV0E6ZAn0PAx7g7lewq-cwvazwq8GbQdoqvDWzk8eVmJrdiMThP6j2NVjBb5sxAAtYB9PkZriW9lehXvXE1mFXxM_vIt_E5BP4THsMHk9AHyc7SHB0docjiBlNPjWUI7kvX0QxwCYsoM6ttzsjB4o9L3rKb02D736Lll8vocytMhLGjGjN08gtKVrAlLZAzXH_Wl1AUPsX_ri2e8ujFD5tSYdnePVCqX2nSbNT1VDErhL1dcQlmvsxGn0EWl95RHnJzQccdLNf_80Ri5KFwbUVfY16nTZ5jiGpfdaFfy7MHSGBxaCw-9b-aw-045gUcY6H_EpueyVqTiQXshxsUyNyNPHZWceK5jAqERPx2E_V7PCz-iw-u_8Y2TSPhwVr_NFxc7qJkvYM_8RA0KsZJ6eyIzpx6rkR1MS62zsaOy810aOjqPlwvmSNRSvvb2vouEtpbI1N54YjTL0576LWy7Lb2_-GXFGuf5W_8d-ybiywRbzdefVBguQ_Axe8UByA0uIPhxUfL9MVhdAvX0D370u56bgJZiaqoiIgVY2qSwxjwpLpLf2V98zOkwJ5PlMf1zKi6FoG_SV61XJmh21XOldrSzM8Xyw88gBk1bYsOTwQvxS-5NI_1KWE0WIZ08bScPd1kSOPn0A25LuKXBWFg-Tal6cZzsR9zOpTn4d5zRz8tuVLlOQbBSIl9UmB1FNs0G31-BDPbrbC2CBdtFFVGlsrxg0i1xAD-fO5pipQFNqdG-LdkpU0cBz-0kNMUmOHvibVmKuyyz96n0IANY8zO1M7ZYpP2K2AdPsjb9o6cLZS9beRczmlTSB23sJdNQHL7OsE9OTyxjz94kFPT75AIyzXLX4k HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/aframe
200 OK 829 B URL GET HTTP/2 www.google.com/recaptcha/api2/aframe
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (853), with no line terminators
Hash 7bf41bd82913a9a21fc62c353263f337
4e7f760adfa4f1df04db196d2dfce6580af733c0
22aaeb838e69f5bd3d64032c59cbb889375bac3df13d35ccd0bbd23cfbd01e66
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Sep 2023 19:41:13 GMT
date: Sat, 23 Sep 2023 19:41:13 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-paUu_pjKhiUhOp2OHU-MYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOuP1y5N6GPS3OZRt8A44__m-wLJj_SxKPtrHbh4cg2370eL_TuxY6IfWI_QirkoaxkUcgLmdFL60I7rmwQ9cCu1acJQgWj05efTq09PahDGM76aaMQNC2BoPPXhyg8wNBh0FT24waThGSHsVCAlRk6aCveYb-xBZQSkj-icUlH6mqbZ1lC3nSxfnPF5w/w400-h129/1.png
200 OK 42 kB URL GET HTTP/3 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOuP1y5N6GPS3OZRt8A44__m-wLJj_SxKPtrHbh4cg2370eL_TuxY6IfWI_QirkoaxkUcgLmdFL60I7rmwQ9cCu1acJQgWj05efTq09PahDGM76aaMQNC2BoPPXhyg8wNBh0FT24waThGSHsVCAlRk6aCveYb-xBZQSkj-icUlH6mqbZ1lC3nSxfnPF5w/w400-h129/1.png
IP
Requested by https://uae14.blogspot.com/2023/09/blog-post_82.html?fbclid=IwAR0T3MikDdBCPO2Sz3Oc451TYcoZOpT0-I4rbfoqLpRaQQdI3ZjAX3LmdeI&m=1
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type PNG image data, 400 x 129, 8-bit/color RGB, non-interlaced\012- data
Hash 0cead4821f2379514f8159c2af8d68e3
8c7afdf1d67d41555b7b48615281d1219a65133a
4b731e95c32c51c107fdbb207e924f53acddc51463537b131fc10d974d7ee352
GET /img/b/R29vZ2xl/AVvXsEiOuP1y5N6GPS3OZRt8A44__m-wLJj_SxKPtrHbh4cg2370eL_TuxY6IfWI_QirkoaxkUcgLmdFL60I7rmwQ9cCu1acJQgWj05efTq09PahDGM76aaMQNC2BoPPXhyg8wNBh0FT24waThGSHsVCAlRk6aCveYb-xBZQSkj-icUlH6mqbZ1lC3nSxfnPF5w/w400-h129/1.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uae14.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/png
vary: Origin
access-control-expose-headers: Content-Length
etag: "v34808"
expires: Sun, 24 Sep 2023 19:41:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1.png"
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 19:41:13 GMT
server: fife
content-length: 42466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
172.217.21.161