Report - tinctimarchtran1974.blogspot.ro/

Report Overview

Submitted URL
tinctimarchtran1974.blogspot.ro/
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2023-01-31 12:39:46
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
developers.google.com	12980	2012-06-04T14:32:46Z	2023-03-13T07:19:46Z	836 B	1.2 kB	172.217.21.174
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	172.64.155.188
tinctimarchtran1974.blogspot.ro	unknown	2022-07-11T04:39:49Z	2023-01-13T10:27:51Z	363 B	624 B	172.217.21.161
www.blogger.com	8975	2012-05-22T09:35:03Z	2023-03-13T05:09:21Z	1.3 kB	66 kB	216.58.207.233
tinctimarchtran1974.blogspot.com	unknown	2022-07-05T03:16:21Z	2023-02-28T11:07:16Z	1.2 kB	7.1 kB	172.217.21.161
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	68 kB	34.120.237.76
apis.google.com	105	2013-05-06T22:20:21Z	2023-03-13T05:09:32Z	2.1 kB	282 kB	142.250.74.46
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-13T07:05:07Z	649 B	5.3 kB	142.250.74.109
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.8 kB	7.7 kB	142.250.74.131
gg.gg	172656	2013-04-18T16:11:12Z	2023-03-13T05:51:22Z	10 kB	147 kB	91.215.42.31
www.statcounter.com	11621	2013-07-16T11:44:13Z	2023-03-13T08:18:23Z	281 B	15 kB	104.20.218.77
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	95.101.11.115
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.86.38.2
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
c.statcounter.com	7772	2016-09-21T12:59:04Z	2023-03-13T05:35:41Z	679 B	565 B	104.20.219.77

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 12:39:54	high	Client IP	Internal IP	ET POLICY GG Url Shortener Observed in DNS Query
2023-01-31 12:39:54	high	Client IP	Internal IP	ET POLICY GG Url Shortener Observed in DNS Query

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	tinctimarchtran1974.blogspot.ro/	Phishing
2023-01-31	medium	tinctimarchtran1974.blogspot.com/	Phishing
2023-01-31	medium	tinctimarchtran1974.blogspot.com/	Phishing
2023-01-31	medium	tinctimarchtran1974.blogspot.com/js/cookienotice.js	Phishing
2023-01-31	medium	gg.gg/gtha2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.blogger.com/static/v1/widgets/1253685842-widgets.js	156 kB	2023-03-13	2023-03-13
Pretty URL www.blogger.com/static/v1/widgets/1253685842-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:40:46 Last Seen2023-03-13 13:18:36 Times Seen1 Hash 282c3db331d4d3d06779b0b8a60ef7c2 c0450142786dc1ce0f3875608b38591ff7eaaf1b 6c3f04bab4d89e7ea271ecb6ffd98b1fb47634d30cc10aa52169c4d2bdefce77 Loading...

	apis.google.com/js/plusone.js	55 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/js/plusone.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:09 Last Seen2023-03-14 14:13:10 Times Seen1 Hash 16c58379dbc00071e786bbcd4201ba8b 41263545ee7cfe317f627bde06a2113412522b08 6cae3ec13bbff388bc73c59a24021f69f4ca6d901de9912005af469f2d750aa8 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs	152 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:09 Last Seen2023-03-14 14:13:10 Times Seen1 Hash 17f8a13c08d686864cf2e90b3c1f501c fb1b45fee77fcf9292297818da49aed9bea10173 7fc95c63ef763ca78bc62910711282071e88a80e2d744534bbbf9762282f64b1 Loading...

	www.statcounter.com/counter/counter.js	44 kB	2023-03-07	2024-03-30
Pretty URL www.statcounter.com/counter/counter.js IP 104.20.218.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:55 Last Seen2024-03-30 16:46:15 Times Seen13 Hash 366890db672c87ff79dd22a7534643d2 e7b0da6b49f35363f125deb595ff67ccb0dc222c 38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598 Loading...

	gg.gg/gtha2	117 B	2023-03-07	2023-04-02
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-04-02 21:19:05 Times Seen33 Hash 113329e5947896d5408abaf115682089 c4427c8200c0d80d8e9d1cdb83467c675219741c e6bf7b3492d1601187221e2163471129eac56ffaea6f175a1a985782fe565f17 Loading...

	tinctimarchtran1974.blogspot.com/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-24
Pretty URL tinctimarchtran1974.blogspot.com/js/cookienotice.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-24 11:12:01 Times Seen113245 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	tinctimarchtran1974.blogspot.com/	789 B	2023-03-07	2024-02-13
Pretty URL tinctimarchtran1974.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	gg.gg/js/jquery.corners.min.js	10 kB	2023-03-07	2024-04-17
Pretty URL gg.gg/js/jquery.corners.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-04-17 18:36:10 Times Seen519 Hash 0425d5aca5c038781800b103ef65c5d8 11c0ed86f1ae8a990ae7c5a6c721f1dcb352af8f a450356c7550c1c8bd4ef8c10aea93a62de7b22bb1005141aff41110a02d11ad Loading...

	gg.gg/gtha2	302 B	2023-03-07	2023-04-02
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-04-02 21:19:05 Times Seen33 Hash d575f1d3509fbe01c4bb77ca46622c61 2dcb9b87d8ade6de2b78c144963830affe0ae623 82f4489edfccf07f3effa84bed5a9ca6a90fb8b898c8e586c34c0f7f6f61089f Loading...

	apis.google.com/js/rpc:shindig_random.js?onload=init	18 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/js/rpc:shindig_random.js?onload=init IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:21 Last Seen2023-03-14 14:08:59 Times Seen1 Hash 9a18df4fac73ae8e8b2ff7e90922d1a9 5a3f2b133cbe25f6bbed7a47a24370907517ee3e 4cfbb8c5801c099ba913266fb5da394fcacafcc48bc667112b48444fb6a5d362 Loading...

	gg.gg/js/jquery.zclip.min.js	7.4 kB	2023-03-07	2024-04-17
Pretty URL gg.gg/js/jquery.zclip.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-17 18:36:09 Times Seen544 Hash ed3ba6e9aeed8aa665844e5ade17576e 8c8b08b8592734439278e62bf913646b61412f23 ae63c897e26d3cab90b28bd9fa6adde37fc323582619ad9318f48e117cbf64ab Loading...

	gg.gg/js/jquery.tag-it.js	16 kB	2023-03-07	2024-04-17
Pretty URL gg.gg/js/jquery.tag-it.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-04-17 18:36:10 Times Seen509 Hash 8387a9ca0459e0568fdd3bd15e1bd1bf bba149f9979530786fbb8069bcaa340eeef3712d 04a595cb9eae0a734d474bde7cba253390a5cd5f5a6b6234c88df9bcf36e7e15 Loading...

	gg.gg/js/logic.js?v3	6.2 kB	2023-03-07	2024-04-17
Pretty URL gg.gg/js/logic.js?v3 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-04-17 18:36:10 Times Seen498 Hash 6115f85479309c9e6fc03c3e06c06698 8f1627afb2bca580a6c52b69b549f5290c3efeb7 2fcb1a03d5580a3486e27d980930554e63ffdb730e7ab67c9c9c50c26a100fa9 Loading...

	tinctimarchtran1974.blogspot.com/	275 B	2023-03-07	2024-04-24
Pretty URL tinctimarchtran1974.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-24 11:12:00 Times Seen57282 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	gg.gg/js/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-04-24
Pretty URL gg.gg/js/jquery-1.7.2.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-24 09:13:49 Times Seen13745 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	gg.gg/js/jquery-ui-1.8.21.custom.min.js	207 kB	2023-03-07	2024-04-17
Pretty URL gg.gg/js/jquery-ui-1.8.21.custom.min.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-04-17 18:36:10 Times Seen599 Hash 03afe455536a9c44ad82cf1425e354b6 4d6a5f3a7e2ff4bcdabfcd3fef8b2e8e05197480 da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b Loading...

	ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js	10 kB	2023-03-07	2023-03-17
Pretty URL ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-03-17 17:17:05 Times Seen1 Hash 69c93809ee794c3e963df5e9aa5fe99d 53e4fac1a579d5cb826100d4dbe9e890385649ec 0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275 Loading...

	tinctimarchtran1974.blogspot.com/	6.0 kB	2023-03-13	2023-03-13
Pretty URL tinctimarchtran1974.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:18:36 Last Seen2023-03-13 13:18:36 Times Seen1 Hash d2eb7f4d9c42858b839043ad5eab363d 345f89eb22ee99e8a29050f807c78efc889678ac 42950ffd98f8313d480bc62401109492632dd961e930d382415a128f81fe22c2 Loading...

	gg.gg/gtha2	371 B	2023-03-07	2023-04-02
Pretty URL gg.gg/gtha2 IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2023-04-02 21:19:05 Times Seen32 Hash fa41bd48a35b0ad60d566107e28a2eaa 2dd8dab50d217e2ba6e917929d70ee5c8ad2929b 761db903581aa96a1f234d9d7ea11ffd92106a8b73a191393ac26e5f96e71adf Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs	58 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:23:00 Last Seen2023-03-14 14:06:21 Times Seen1 Hash 7efd79aa58c87e00d965d29b32bfcde1 3165ae4f10f5a455b5270e4ee87a80c114944110 7b529b766a60ee621ba8dda6053efe27245bc11a0cc565894d109cbbf2cc3dee Loading...

	gg.gg/js/jquery.cookie.js	1.9 kB	2023-03-07	2024-04-17
Pretty URL gg.gg/js/jquery.cookie.js IP 91.215.42.31 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:17:11 Last Seen2024-04-17 18:36:10 Times Seen547 Hash 3291194034b434bb51afaa5aabd2313a ee31f8edef296efe486218e3b434e816612ef848 d6f218e7eb673e6264b7b6c71d9a46c2379cb2f396c3317d7ecedbf0b99ab2c9 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs	106 kB	2023-03-13	2023-03-14
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:23:00 Last Seen2023-03-14 14:01:24 Times Seen1 Hash 96f1e531d687c6a17700f77d2dbec24d df8268577cc8c35ca0ff61243951561aff4aa428 35e3e7f1c6c25cbf2ed7bb30a4aa4c0a2e0075aebb05ece2589c8a50931861fe Loading...

HTTP Transactions (60)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8964
Expires: Tue, 31 Jan 2023 15:08:59 GMT
Date: Tue, 31 Jan 2023 12:39:35 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11011
Expires: Tue, 31 Jan 2023 15:43:06 GMT
Date: Tue, 31 Jan 2023 12:39:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 12:35:54 GMT
content-type: application/json
age: 221
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5372
Expires: Tue, 31 Jan 2023 14:09:07 GMT
Date: Tue, 31 Jan 2023 12:39:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: G1AEtp2k41OYIxtu8yWKkrOoRfSpsqtuMerMJE4IXmLK6VWsfeIme9AADThB7cNSHoYxZc7dBtY=
x-amz-request-id: 8CDNEAHH9SHJW7PW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 11:51:09 GMT
age: 2906
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 12:39:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 11:49:04 GMT
age: 3031
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

tinctimarchtran1974.blogspot.ro/

172.217.21.161

302 Moved Temporarily

186 B

URL HTTP/1.1
tinctimarchtran1974.blogspot.ro/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
186 B (186 bytes)
Hash
13923e8ef41dd81e7b8b1fc9c875b822
8b576a4c6212b8dd221b650bbbb9a5e12336acbb
9a4915c92a21ab535fa19177970a7e01de354cc970e86437f1d1c6a4bd620a2f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: tinctimarchtran1974.blogspot.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Location: http://tinctimarchtran1974.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 31 Jan 2023 12:39:35 GMT
Expires: Tue, 31 Jan 2023 12:39:35 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 186
Server: GSE

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9670
Expires: Tue, 31 Jan 2023 15:20:45 GMT
Date: Tue, 31 Jan 2023 12:39:35 GMT
Connection: keep-alive

push.services.mozilla.com/

35.86.38.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.86.38.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tAy2qmVb2fopX0rq22aQNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o8hHeNm12Bv+m22V7erhRlFxAPM=

tinctimarchtran1974.blogspot.com/

172.217.21.161

301 Moved Permanently

187 B

URL HTTP/1.1
tinctimarchtran1974.blogspot.com/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
187 B (187 bytes)
Hash
935530b9599ea84e7eddc7764aac1261
e0ca632f11cea459da8378cb3083eecce37b9c5c
3d29719586c214f811025252e40a66512f7318a3038fc0371c4ba45113475d1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: tinctimarchtran1974.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://tinctimarchtran1974.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 31 Jan 2023 12:39:36 GMT
Expires: Tue, 31 Jan 2023 12:39:36 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 187
Server: GSE

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tinctimarchtran1974.blogspot.com/

172.217.21.161

200 OK

3.2 kB

URL HTTP/2
tinctimarchtran1974.blogspot.com/
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4181)
Size
3.2 kB (3201 bytes)
Hash
cb88aeab08dfbd111c2ee8a7e90ad43a
ee94609423c279cdfae24eff694cb460a56e0ba2
c80b3bbb714c2820b6099c4f3459d3e4fd675fa5603952d5ab053ef46c619a94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: tinctimarchtran1974.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 31 Jan 2023 12:39:36 GMT
date: Tue, 31 Jan 2023 12:39:36 GMT
cache-control: private, max-age=0
last-modified: Fri, 06 Nov 2020 09:50:50 GMT
etag: W/"168ab5340bc9f4cf9c50336cd386ccc1cfca070217b66b4b3909140bad9b7106"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3201
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
00f4a0e788bd484c84f6fc7407e06ad3
840418f49c444dc62e370825451b945ff89e99bf
69b2086f39e1f30b567049191696db642db8babe79a0c6ce084b06cdbc962b6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tinctimarchtran1974.blogspot.com/js/cookienotice.js

172.217.21.161

200 OK

2.0 kB

URL HTTP/2
tinctimarchtran1974.blogspot.com/js/cookienotice.js
IP
172.217.21.161:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: tinctimarchtran1974.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinctimarchtran1974.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 14:57:50 GMT
expires: Sat, 04 Feb 2023 14:57:50 GMT
cache-control: public, max-age=604800
last-modified: Sat, 28 Jan 2023 12:50:00 GMT
content-type: text/javascript
age: 250907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/1253685842-widgets.js

216.58.207.233

200 OK

56 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/1253685842-widgets.js
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
56 kB (56462 bytes)
Hash
b329ea3a8875a3cb1fff0b03b148b3f5
97cb465dc452e56a75e6e2caf453aba800719305
71572f07e491477cf2d6925d94658fbd5f054172291071f8675f6a4aec6dcc09

HTTP Headers

GET /static/v1/widgets/1253685842-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinctimarchtran1974.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 01:57:07 GMT
expires: Tue, 30 Jan 2024 01:57:07 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 27 Jan 2023 00:03:44 GMT
content-type: text/javascript
age: 124950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

216.58.207.233

200 OK

6.6 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (30596)
Size
6.6 kB (6620 bytes)
Hash
6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f

HTTP Headers

GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinctimarchtran1974.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 03:27:21 GMT
expires: Fri, 26 Jan 2024 03:27:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 25 Jan 2023 14:53:31 GMT
content-type: text/css
age: 465136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2834
Expires: Tue, 31 Jan 2023 13:26:51 GMT
Date: Tue, 31 Jan 2023 12:39:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2834
Expires: Tue, 31 Jan 2023 13:26:51 GMT
Date: Tue, 31 Jan 2023 12:39:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2834
Expires: Tue, 31 Jan 2023 13:26:51 GMT
Date: Tue, 31 Jan 2023 12:39:37 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
59c5cc0cf7d0b64734f3ee24cdc2482c
5bd095eba6421e1b275b861f98cd2372b9a0555e
59cfcaa12a4de87b420f02bdb01599a0ef3c133607eb5ba961098d648fbabbb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 31725
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7223 bytes)
Hash
36ff8d0c9899da25e80edbb858b164de
3e2491c5465f3c427a11c32bdfee27767559bb3f
b060501c6d82e97bd4826a62b790d58cd9d7ece8e1590267bc9b48033f3ce9b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80079413-a219-4943-96b4-3e14e10bb5ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7223
x-amzn-requestid: b05a1db9-29e2-42d0-9eca-9a0f462c87c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3IHtpIAMFUkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e693-7e13d93143b5e666313a4b8f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ghmt-mXtZMHRt0Iygf5If3TawSNP8c67hBw7HCnKY-Fu32zauMksGg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 10:55:58 GMT
age: 6219
etag: "3e2491c5465f3c427a11c32bdfee27767559bb3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10898 bytes)
Hash
4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 53476
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 38582
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8558 bytes)
Hash
e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 33301
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13853 bytes)
Hash
d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 53480
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.blogger.com/dyn-css/authorization.css?targetBlogID=4293081761430238483&zx=9ab4885a-3af1-43f3-80ad-0a1465b9855e

216.58.207.233

200 OK

21 B

URL HTTP/2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4293081761430238483&zx=9ab4885a-3af1-43f3-80ad-0a1465b9855e
IP
216.58.207.233:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
21 B (21 bytes)
Hash
a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522

HTTP Headers

GET /dyn-css/authorization.css?targetBlogID=4293081761430238483&zx=9ab4885a-3af1-43f3-80ad-0a1465b9855e HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tinctimarchtran1974.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 12:39:37 GMT
last-modified: Tue, 31 Jan 2023 12:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gg.gg/gtha2

91.215.42.31

200 OK

1.4 kB

URL HTTP/1.1
gg.gg/gtha2
IP
91.215.42.31:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.4 kB (1445 bytes)
Hash
f4f0636342422eb7bca940bc20ff4934
669dbb8e69ca2645c856be0ef969626ea29e875b
09bf3a2a57367deba77d274f215e95430daaf91f0391b3edbf3086988521c876

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /gtha2 HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 31 Jan 2023 12:39:37 GMT
X-Powered-By: PHP/5.3.3
Set-Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; Domain=.gg.gg; HttpOnly; Path=/; Expires=Wed, 31-Jan-2024 12:39:37 GMT
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be; expires=Tue, 31-Jan-2023 14:39:37 GMT; path=/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

gg.gg/css/style.css

91.215.42.31

200 OK

1.5 kB

URL HTTP/1.1
gg.gg/css/style.css
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
1.5 kB (1451 bytes)
Hash
d698546f0bf3574492e719fbd5900425
4425c292f5996d0028d55a4aedc1e84bdd222f71
4bffcd4896051994ede89b6a4bf4072ff3f42f7a2eda9dd57aebc9b7e9054522

HTTP Headers

GET /css/style.css HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 23 Jan 2023 09:53:39 GMT
Last-Modified: Thu, 17 Oct 2019 13:01:34 GMT
Accept-Ranges: bytes
Content-Type: text/css
DDG-Cache-Status: HIT,HIT
Etag: W/"14a06e2-182d-5951ad12f30d6"
Vary: Accept-Encoding
Age: 701159
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/css/smoothness/jquery-ui-1.8.21.custom.css

91.215.42.31

200 OK

6.0 kB

URL HTTP/1.1
gg.gg/css/smoothness/jquery-ui-1.8.21.custom.css
IP
91.215.42.31:0
ASN
#0

File type
ASCII text, with very long lines (1399)
Size
6.0 kB (6020 bytes)
Hash
1f80fa6c0185905782adb4086d1603f0
b8ef4408697b1ca820ddffbc4fdfc13d7d1d6c01
60c87f28cb83c1b29f5f2a3ba3e075da5683b2104715996c3dac6baaec637a38

HTTP Headers

GET /css/smoothness/jquery-ui-1.8.21.custom.css HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 28 Jan 2023 08:34:46 GMT
Last-Modified: Wed, 20 Jun 2012 21:28:26 GMT
Accept-Ranges: bytes
Content-Type: text/css
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14c003f-81e3-4c2ee14559280"
Age: 273892
Content-Encoding: gzip
Transfer-Encoding: chunked

www.statcounter.com/counter/counter.js

104.20.218.77

200 OK

14 kB

URL HTTP/1.1
www.statcounter.com/counter/counter.js
IP
104.20.218.77:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (43632), with no line terminators
Size
14 kB (14093 bytes)
Hash
ec70672a2f4620ce69dbd93d41715fb2
68d559ba806e8aa338221616ba9a85ae582e03a3
f6cd20fa5ef3de2a6bd894efa434c1650f12cf6b3c9df03d45489aff18c44b7e

HTTP Headers

GET /counter/counter.js HTTP/1.1
Host: www.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 12:39:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 31 Jan 2023 11:09:48 GMT
ETag: W/"aa70-5f38d5eb00bc7"
Cache-Control: max-age=43200
Expires: Tue, 31 Jan 2023 23:54:16 GMT
Access-Control-Allow-Origin: *
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
User-Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2722
Server: cloudflare
CF-RAY: 792282df1ad3b523-OSL

gg.gg/js/jquery.zclip.min.js

91.215.42.31

200 OK

2.7 kB

URL HTTP/1.1
gg.gg/js/jquery.zclip.min.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text, with very long lines (7199), with CRLF line terminators
Size
2.7 kB (2682 bytes)
Hash
138d57759d5af9391e2e9ed77e32f7ed
5a2d0164ae234e03c9717f43bb89425c43863716
0618e5baea534cf569a321b8e47c89d9f4b11caeb722204f316021344287fc18

HTTP Headers

GET /js/jquery.zclip.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 22 Jan 2023 20:13:40 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:49 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Etag: W/"14a06f9-1d0c-4c2ee1220ff40"
Vary: Accept-Encoding
Age: 750358
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/jquery.tag-it.js

91.215.42.31

200 OK

4.2 kB

URL HTTP/1.1
gg.gg/js/jquery.tag-it.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
4.2 kB (4172 bytes)
Hash
df826f4933c7ee0d612897afbcf43d57
eb438bd6881a4d3604f8438231d871b2b4a45ca7
2e084f69f619319d75c4c67e00153ff8a9cc42bfc74ba5c49265f47df06be64e

HTTP Headers

GET /js/jquery.tag-it.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Wed, 25 Jan 2023 14:17:54 GMT
Last-Modified: Fri, 06 Jul 2012 05:29:52 GMT
ETag: W/"14a06f8-3d92-4c4228db19400"
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 512504
Content-Length: 4172
DDG-Cache-Status: HIT,HIT

gg.gg/js/jquery.cookie.js

91.215.42.31

200 OK

836 B

URL HTTP/1.1
gg.gg/js/jquery.cookie.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
836 B (836 bytes)
Hash
313816f23b68369d84554681e25b997c
db5d92011f812d94bf52b71b403d924f49bd8100
0cdee91ee91ab37e23add5550843230d985be4a372dd6e6399f777d60145d137

HTTP Headers

GET /js/jquery.cookie.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 28 Jan 2023 12:34:46 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:49 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Etag: "14a06f6-795-4c2ee1220ff40"
Age: 259492
Content-Length: 836
DDG-Cache-Status: HIT,HIT

gg.gg/js/jquery-1.7.2.min.js

91.215.42.31

200 OK

34 kB

URL HTTP/1.1
gg.gg/js/jquery-1.7.2.min.js
IP
91.215.42.31:0
ASN
#0

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
34 kB (33885 bytes)
Hash
332f177455ed3fd0e4167d5d62432c30
123310a063835f8ffcfae8685796b5e44830d33e
7b4f03a48f3381b7f7f246f404588d55dd4a706ecc2069ccadd4bf6ff16aa387

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 29 Jan 2023 13:14:45 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:50 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
Etag: W/"14a06f4-17278-4c2ee12304180"
Age: 170693
DDG-Cache-Status: HIT,HIT
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

gg.gg/css/jquery.tagit.css

91.215.42.31

200 OK

452 B

URL HTTP/1.1
gg.gg/css/jquery.tagit.css
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
452 B (452 bytes)
Hash
6049adad816646eca81924ca1a9eb84b
6393227a12d0b5ef5fe20c9c5cdb0d44b3101141
d207ccff027833a4a2a97fc5935b4c38a2f0528de3eb645560e7c68d0dd8882a

HTTP Headers

GET /css/jquery.tagit.css HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 24 Jan 2023 20:34:12 GMT
Last-Modified: Fri, 06 Jul 2012 05:23:50 GMT
Accept-Ranges: bytes
Content-Type: text/css
X-Pad: avoid browser bug
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a06e1-472-4c422781de580"
Age: 576326
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/jquery.corners.min.js

91.215.42.31

200 OK

3.3 kB

URL HTTP/1.1
gg.gg/js/jquery.corners.min.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
3.3 kB (3281 bytes)
Hash
8c90a8ecb06f786a47b907d8d7aec85d
9b95d644495de3832007a359c396474f990afe00
dd478c24c8cb60edaf2e4aed3db264af2008625e8f4f68408655eb481a883543

HTTP Headers

GET /js/jquery.corners.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sun, 29 Jan 2023 09:54:46 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:49 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a06f7-274d-4c2ee1220ff40"
Age: 182692
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/logic.js?v3

91.215.42.31

200 OK

1.8 kB

URL HTTP/1.1
gg.gg/js/logic.js?v3
IP
91.215.42.31:0
ASN
#0

File type
ASCII text
Size
1.8 kB (1799 bytes)
Hash
0d6212eef0f3f4d2777e4ddfdf5e95d6
46fa889a07279836181bcfccb11d00390db9e5ea
4ae99e6c4524e25c8a64eb9c04917c23cebf00ed4fc5662ffc86d6819fe5ae47

HTTP Headers

GET /js/logic.js?v3 HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 31 Jan 2023 02:14:04 GMT
Last-Modified: Sat, 06 Aug 2022 09:31:21 GMT
Accept-Ranges: bytes
Content-Type: text/javascript
DDG-Cache-Status: HIT,HIT
Vary: Accept-Encoding
Etag: W/"14a0c61-1851-5e58f3ee14120"
Age: 37534
Content-Encoding: gzip
Transfer-Encoding: chunked

gg.gg/js/jquery-ui-1.8.21.custom.min.js

91.215.42.31

200 OK

52 kB

URL HTTP/1.1
gg.gg/js/jquery-ui-1.8.21.custom.min.js
IP
91.215.42.31:0
ASN
#0

File type
ASCII text, with very long lines (18608)
Size
52 kB (52366 bytes)
Hash
5a8b5bbff7f35f9620c6afa02bbb2d0c
4503ab6ba97d146654f0a55a69a4c6c621558fdf
52096b7e55260ff876aee18eb74211500884bd455da8a67fe9a8bac9596d3272

HTTP Headers

GET /js/jquery-ui-1.8.21.custom.min.js HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 24 Jan 2023 16:48:50 GMT
Last-Modified: Wed, 20 Jun 2012 21:27:50 GMT
ETag: W/"14a06f5-3284b-4c2ee12304180"
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 589848
Content-Length: 52366
DDG-Cache-Status: HIT,HIT

gg.gg/gg-banned-page

91.215.42.31

301 Moved Permanently

0 B

URL HTTP/1.1
gg.gg/gg-banned-page
IP
91.215.42.31:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gg-banned-page HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be

HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 31 Jan 2023 12:39:38 GMT
X-Powered-By: PHP/5.3.3
Set-Cookie: gg_token=b16be8fdbc5eaec1b33c318fbc7211da63d90c0a438c54.90707862; expires=Mon, 01-May-2023 12:39:38 GMT; path=/; domain=.gg.gg
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://gg.gg/images/broken-link.jpg
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 0
DDG-Cache-Status: MISS,MISS
Transfer-Encoding: chunked

gg.gg/images/broken-link.jpg

91.215.42.31

200 OK

32 kB

URL HTTP/1.1
gg.gg/images/broken-link.jpg
IP
91.215.42.31:0
ASN
#0

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2012:09:07 02:22:56], progressive, precision 8, 600x450, components 3\012- data
Size
32 kB (32002 bytes)
Hash
cdd81773f16537e6405c4e28f6adec25
08bcc852dbc995ae4d9d7e9ba78b860eed0850a7
9325a36d10dc036fd657c57e35fe141715b92b12211d48e14de8dde7c8e17398

HTTP Headers

GET /images/broken-link.jpg HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gg.gg/gtha2
Connection: keep-alive
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be; sc_is_visitor_unique=rx7960190.1675168795.D14CB64F67324FAB5ADA001138B58C89.1.1.1.1.1.1.1.1.1; gg_token=b16be8fdbc5eaec1b33c318fbc7211da63d90c0a438c54.90707862

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Tue, 24 Jan 2023 17:18:19 GMT
Last-Modified: Thu, 06 Sep 2012 23:26:43 GMT
ETag: "14a06e3-7d02-4c910d2f872c0"
Accept-Ranges: bytes
Content-Length: 32002
Content-Type: image/jpeg
Age: 588079
DDG-Cache-Status: HIT,HIT

gg.gg/images/favicon.ico

91.215.42.31

200 OK

894 B

URL HTTP/1.1
gg.gg/images/favicon.ico
IP
91.215.42.31:0
ASN
#0

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
94cdc66c71cb96127f0faa3931a23ab9
77cbf7fe62cf2eba5ef27fde2edfe4408c1ba0d8
5b7adedabf077fff5216aca04fecfec61c8e90c5ca054eab19e3a9bd152496a4

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: gg.gg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gg.gg/gtha2
Cookie: __ddg1_=B3PDAmNS4Q2JRbWyJeNC; ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%226b00e709e9a9123a7016ea014cc25e01%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%22186.2.160.42%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1675168777%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D7dd3910c44b8480faa6a127cff3041be; sc_is_visitor_unique=rx7960190.1675168795.D14CB64F67324FAB5ADA001138B58C89.1.1.1.1.1.1.1.1.1; gg_token=b16be8fdbc5eaec1b33c318fbc7211da63d90c0a438c54.90707862

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Sat, 28 Jan 2023 19:42:57 GMT
Last-Modified: Wed, 20 Jun 2012 21:25:00 GMT
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/vnd.microsoft.icon
DDG-Cache-Status: HIT,MISS
Etag: "14a06e6-37e-4c2ee080e4300"
Age: 233802

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1a17f5bd9cf6bb2ec333fa6eeefb3345
d00ac8d8036e4b5e584006b4446b95445835ea09
4ad64978a243ed85af02e7128e8c0b809709be861997dca42a6f21b4f728766e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/plusone.js

142.250.74.46

200 OK

21 kB

URL HTTP/2
apis.google.com/js/plusone.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1429)
Size
21 kB (20950 bytes)
Hash
f8971f3ad662af35a2ca6871f8c78482
35a0b814d6ecec8deacc9aea87ce9be62b15d92b
a438d380bab44504b1ff13673a0e041c6ac6645d03926e7f076465d1fe049765

HTTP Headers

GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Tue, 31 Jan 2023 12:39:38 GMT
expires: Tue, 31 Jan 2023 12:39:38 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs

142.250.74.46

200 OK

106 kB

URL HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2076)
Size
106 kB (105639 bytes)
Hash
96f1e531d687c6a17700f77d2dbec24d
df8268577cc8c35ca0ff61243951561aff4aa428
35e3e7f1c6c25cbf2ed7bb30a4aa4c0a2e0075aebb05ece2589c8a50931861fe

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 105639
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 19:14:36 GMT
expires: Fri, 26 Jan 2024 19:14:36 GMT
cache-control: public, max-age=31536000
age: 408302
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs

142.250.74.46

200 OK

152 kB

URL HTTP/2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1448)
Size
152 kB (152360 bytes)
Hash
17f8a13c08d686864cf2e90b3c1f501c
fb1b45fee77fcf9292297818da49aed9bea10173
7fc95c63ef763ca78bc62910711282071e88a80e2d744534bbbf9762282f64b1

HTTP Headers

GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 152360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:43:27 GMT
expires: Tue, 30 Jan 2024 18:43:27 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
age: 64571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Fgg.gg&url=http%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__

142.250.74.46

301 Moved Permanently

226 B

URL HTTP/2
apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Fgg.gg&url=http%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
226 B (226 bytes)
Hash
4df07581948280a6e769a24c5d99d775
843a2c95362347eb8894a6acb607f139be65ded4
3561b93a48d81fac116ccd6e60163bd382abb1d594c81240f5718feb1f197f73

HTTP Headers

GET /u/0/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Fgg.gg&url=http%3A%2F%2Fgg.gg%2Fgtha2&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: http://developers.google.com/
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 12:39:38 GMT
expires: Tue, 31 Jan 2023 13:09:38 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4b973033f8a4e7f1d38e80b8f83d3a60
e0beacd8458505d57e374160d17316c7b6b3d139
637a7ffaba5de6ded612572262431895594d018fb88da5a274998c27ada9418f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

developers.google.com/

172.217.21.174

301 Moved Permanently

0 B

URL HTTP/1.1
developers.google.com/
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gg.gg/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 8fa106a78ed72916b235818f9e9a7d8e
Date: Tue, 31 Jan 2023 12:39:38 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
89693a781b6fd4661b5135e995c020e0
31556087e2debc22777fa52b4d3b61f97ad3f4c2
566e15d9c91a95c23293a34abb7456037353f2abd75ed440d38ca880d3c42099

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 12:39:38 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 06:34:07 GMT
Expires: Tue, 07 Feb 2023 06:34:06 GMT
Etag: "31556087e2debc22777fa52b4d3b61f97ad3f4c2"
Cache-Control: max-age=582267,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792282e0db85b50b-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__

142.250.74.109

200 OK

4.7 kB

URL HTTP/2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__
IP
142.250.74.109:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Size
4.7 kB (4654 bytes)
Hash
762156eee53ae9cb3d6852b50c9caa74
9e7147c0445ac4d4031220ffe52eabd05b74d688
af14d8b41c90218b493d5bd9d49d89f29e1e2249a157bfbe111af85da6d71396

HTTP Headers

GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fgg.gg&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.AMZ27oQJoUI.O%2Fd%3D1%2Frs%3DAHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gg.gg/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 12:39:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-1w50AFLBOXqKAUO2Fg1fbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 12:39:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

c.statcounter.com/t.php?sc_project=7960190&u1=D14CB64F67324FAB5ADA001138B58C89&java=1&security=308b9f68&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//gg.gg/gtha2&t=Banned&invisible=1&sc_rum_e_s=381&sc_rum_e_e=388&sc_rum_f_s=0&sc_rum_f_e=254&get_config=true

104.20.219.77

200 OK

0 B

URL HTTP/2
c.statcounter.com/t.php?sc_project=7960190&u1=D14CB64F67324FAB5ADA001138B58C89&java=1&security=308b9f68&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//gg.gg/gtha2&t=Banned&invisible=1&sc_rum_e_s=381&sc_rum_e_e=388&sc_rum_f_s=0&sc_rum_f_e=254&get_config=true
IP
104.20.219.77:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /t.php?sc_project=7960190&u1=D14CB64F67324FAB5ADA001138B58C89&java=1&security=308b9f68&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=http%3A//gg.gg/gtha2&t=Banned&invisible=1&sc_rum_e_s=381&sc_rum_e_e=388&sc_rum_f_s=0&sc_rum_f_e=254&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gg.gg
Connection: keep-alive
Referer: http://gg.gg/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 12:39:38 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc7960190.1675168778.0; SameSite=None; Secure; Expires=Sunday, 30-Jan-2028 17:39:38 +05; Path=/; Domain=.statcounter.com
access-control-allow-origin: http://gg.gg
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 792282e36c47b503-OSL
content-encoding: br
X-Firefox-Spdy: h2

developers.google.com/

172.217.21.174

200 OK

0 B

URL HTTP/2
developers.google.com/
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gg.gg/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 24 Jan 2023 21:53:17 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.130429288.1675168779; Expires=Thu, 30 Jan 2025 12:39:39 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-zge8q6E7e+p7KXgeyfqCdgQK1E/eEo' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 09f2fdf182233b819cc69e293806605b
vary: Accept-Encoding
date: Tue, 31 Jan 2023 12:39:39 GMT
server: Google Frontend
content-length: 25572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML